[Geoserver-devel] [JIRA] (GEOS-7803) GeoFence Embedder does not check for plain Rule Services

Alessio Fabiani (JIRA) Wed, 19 Oct 2016 03:57:08 -0700

Title: Message Title

Alessio Fabiani created an issue

Issue Type:	Improvement
Affects Versions:	2.10-RC1, 2.9.2
Assignee:	Alessio Fabiani
Components:	Community modules, GeoFence, Security
Created:	19/Oct/16 12:54 PM
Fix Versions:	2.10.0, 2.9.3, 2.11-beta
Priority:	Medium
Reporter:	Alessio Fabiani

GeoFence Server InternalUserResolver currently checks only User Group Services

for (String serviceName : securityManager.listUserGroupServices()) {
...

this completely ignoring roles associate to users from a plain Role Service.

The proposal is to add a check for Role Services too

for (String roleServiceName : securityManager.listRoleServices()) {
if (securityManager.loadRoleService(roleServiceName).getRolesForUser(username) != null &&
!securityManager.loadRoleService(roleServiceName).getRolesForUser(username).isEmpty())

{ return true; }

}

Add Comment

This message was sent by Atlassian JIRA

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot

_______________________________________________
Geoserver-devel mailing list
Geoserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel

[Geoserver-devel] [JIRA] (GEOS-7803) GeoFence Embedder does not check for plain Rule Services

Reply via email to