Thinking that this may be by design?

Admin gets full access, … including by default the REST API.

Role Admin is used to unlock some of the data admin screens in the user
interface (and can be set on a workspace or layer level).

Admin is required for the more advanced user interface screens like global
settings.

It may be that some of the REST API endpoints could be configured to allow
Role Admin access?

--
Jody Garnett


On Mon, May 6, 2024 at 5:49 PM David Blasby via Geoserver-devel <
geoserver-devel@lists.sourceforge.net> wrote:

> Hi,
>
> I was doing some testing for the JWT Headers SSO module, and noticed a
> problem when accessing the REST API.
>
> I've tracked this down to the roles "ADMIN" vs role "ROLE_ADMINISTRATOR".
>
> I believe (could be wrong) that the WEB uses the role
> "ROLE_ADMINISTRATOR", but the REST API uses the role "ADMIN".
>
> This seems to be set up in -
> https://github.com/geoserver/geoserver/blob/main/data/release/security/rest.properties
>
>
> When I add "ADMIN" to my roles, the REST API allows me access.
>
> I am a bit confused on this - what is the difference between these roles
> and should admin users have both these roles ("ADMIN" and
> "ROLE_ADMINISTRATOR")?
>
> Thanks,
> Dave
> _______________________________________________
> Geoserver-devel mailing list
> Geoserver-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/geoserver-devel
>