On Wed, Jun 15, 2016 at 6:57 PM, Walter Stovall <walter.stov...@byers.com>
wrote:
> Oh, that’s nice – thanks.
>
>
>
> There’s hopefully just one last part of this problem I need to address
> (thank you for all your help).
>
>
>
> As mentioned my authenticated-user (the GSUser) is not in fact the name of
> the user I want to impersonate. I need to figure out how to get the name
> of the impersonated user into the environment.
>
>
>
> The impersonated user is based on the geoserver workspace and remains
> constant for the life of the workspace. My dream solution would be that I
> could store the name of the impersonated user into the workspace itself and
> somehow leverage code that gets the name/value into the environment when a
> request is dispatched. Poking around, I see that the WorkspaceInfoImpl has
> set/getMetadataMap(). If I could put my own name/value pair for the
> impersonated user into the MetadataMap for the workspace and then the
> MetadataMap were found to be part of the environment that would be the
> magic answer.
>
>
>
> Of course maybe it’s not that easy but does this trigger any suggestion
> you might have? I know the impersonated user name when I create the
> workspace. I just don’t know how to get that into the environment when a
> request against the workspace is dispatched.
>
>
>
> Do I need a dispatcher callback? If so can I make the callback installed
> by my service code run before other services like WMS/WFS attempt accessing
> features so this is all setup right?
>
Hmm... this is getting complicated enough that I believe you are going to
need some custom code regardless, in one or more points.
If you are using workspace specific services, you can get the current
workspace from the LocalWorkspace class, that is holding to a thread local.
If you are using global services instead I don't see an easy way out, as a
request might contain data from multiple workspaces.
A few ideas come to mind (mind, I cannot guarantee any of them is good):
1) Create a subclass of the OracleNGDataStoreFactory, register it in SPI
(check META-INF/services), and when createDataStoreInternal is called,
attach a connection listener that looks for LocalWorkspace and your custom
map. This code will reside in GeoServer
2) Create a FeatureTypeInitializer and register it in the GeoServer app
context, while it's meant to initialize a particular feature type, it has
access to the store too, and attach the listener there. Of course you'll
have to care about not attaching the same listener multiple times
3) Modify the code a bit deeper and create a new DataAccessInitializer
interface that would allow custom setup of stores, to be plugged in
ResourcePool like FeatureTypeInitializer is, and do the same as above
4) Add store init parameters like we discussed before, but make them OGC
Expression objects, or Strings that are supposed to be parsed as ECQL, and
then roll your own custom filter functions to extract the values you need
from the surrounding environment (e.g., LocalWorkspace)
I'd go for 3, but it's just me.
Cheers
Andrea
--
==
GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.
==
Ing. Andrea Aime
@geowolf
Technical Lead
GeoSolutions S.A.S.
Via di Montramito 3/A
55054 Massarosa (LU)
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549
http://www.geo-solutions.it
http://twitter.com/geosolutions_it
*AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*
Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
loro utilizzo è consentito esclusivamente al destinatario del messaggio,
per le finalità indicate nel messaggio stesso. Qualora riceviate questo
messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
darcene notizia via e-mail e di procedere alla distruzione del messaggio
stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
utilizzarlo per finalità diverse, costituisce comportamento contrario ai
principi dettati dal D.Lgs. 196/2003.
The information in this message and/or attachments, is intended solely for
the attention and use of the named addressee(s) and may be confidential or
proprietary in nature or covered by the provisions of privacy act
(Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
Code).Any use not in accord with its purpose, any disclosure, reproduction,
copying, distribution, or either dissemination, either whole or partial, is
strictly forbidden except previous formal approval of the named
addressee(s). If you are not the intended recipient, please contact
immediately the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error. The sender
does not give any warranty or accept liability as the content, accuracy or
completeness of sent messages and accepts no responsibility for changes
made after they were sent or for other risks which arise as a result of
e-mail transmission, viruses, etc.
-------------------------------------------------------
------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity planning
reports. http://pubads.g.doubleclick.net/gampad/clk?id=1444514421&iu=/41014381
_______________________________________________
Geoserver-devel mailing list
Geoserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel
