On Tue, Nov 13, 2018 at 3:18 PM Simone Giannecchini < simone.giannecch...@geo-solutions.it> wrote:
> A few quick observations: > > -1- I understand the default behavior should be allow all service but it > would be also useful to have some sort of startup config to have a default > controlled by a string that can be NONE|WMS-ONLY (just an idea). > This would allow admin to be more cautious and cover most useful use case > (by experience) > Well, I guess we could have a system variable that sets the default denied services (see backwards compatibility section, everything on by default) or the default enabled services (this would be new, but also possible) that the catalog filter would take into account if a layer does not have an explicit list. > -2- How do you load the available services in the lists. As an instance > WPS might not be installed or I can create my own service that would not > show up in this list hence I would not be able to control it. > The list comes from a application context scan, all services are registered there. The service access page already lists the existing services using this code: https://github.com/geoserver/geoserver/blob/6e9e25c0c7cdda9ada9f33f8255130d3afc76801/src/web/security/core/src/main/java/org/geoserver/security/web/service/AbstractServiceAccessRulePage.java#L90 Cheers Andrea == GeoServer Professional Services from the experts! Visit http://goo.gl/it488V for more information. == Ing. Andrea Aime @geowolf Technical Lead GeoSolutions S.A.S. Via di Montramito 3/A 55054 Massarosa (LU) phone: +39 0584 962313 fax: +39 0584 1660272 mob: +39 339 8844549 http://www.geo-solutions.it http://twitter.com/geosolutions_it ------------------------------------------------------- *Con riferimento alla normativa sul trattamento dei dati personali (Reg. UE 2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si precisa che ogni circostanza inerente alla presente email (il suo contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita. Le sarei comunque grato se potesse darmene notizia. This email is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential or otherwise protected from disclosure. We remind that - as provided by European Regulation 2016/679 “GDPR” - copying, dissemination or use of this e-mail or the information herein by anyone other than the intended recipient is prohibited. If you have received this email by mistake, please notify us immediately by telephone or e-mail.*
_______________________________________________ Geoserver-devel mailing list Geoserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-devel