Thinking that this may be by design? Admin gets full access, … including by default the rest api.
Role Admin is used to unlock some of the data admin screens in the user interface (and can be set on a workspace or layer level). Admin is required for the more advanced user interface screens like global settings. It may be that some of the REST API endpoints could be configured to allow Role Admin access?

--
Jody Garnett

On Mon, May 6, 2024 at 5:49 PM David Blasby via Geoserver-devel <geoserver-devel@lists.sourceforge.net> wrote:

> Hi,
>
> I was doing some testing for the JWT Headers SSO module, and noticed a
> problem when accessing the REST API.
>
> I've tracked this down to the roles "ADMIN" vs role "ROLE_ADMINISTRATOR".
>
> I believe (could be wrong) that the WEB uses the role
> "ROLE_ADMINISTRATOR", but the REST API uses the role "ADMIN".
>
> This seems to be set up in -
> https://github.com/geoserver/geoserver/blob/main/data/release/security/rest.properties
>
> When I add "ADMIN" to my roles, the REST API allows me access.
>
> I am a bit confused on this - what is the difference between these roles
> and should admin users have both these roles ("ADMIN" and
> "ROLE_ADMINISTRATOR")?
>
> Thanks,
> Dave
> _______________________________________________
> Geoserver-devel mailing list
> Geoserver-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/geoserver-devel