Critical
The url for publishing (/remote/secure/client-cert/hessian/**) in web-filters-security.xml has to restrictive of a access value.
Currently the value is set to "IS_AUTHENTICATED_FULLY,group_User_role_publisher" which implies that the user is a member of the publishing group. Which is not always the case.
If a user that is a publisher for a dataset, but not generic publisher they will receive a redirect error when using the Publisher client.
Currently the value is set to "IS_AUTHENTICATED_FULLY,group_User_role_publisher" which implies that the user is a member of the publishing group. Which is not always the case.
If a user that is a publisher for a dataset, but not generic publisher they will receive a redirect error when using the Publisher client.