Uploaded image for project: 'Gateway'
  1. Gateway
  2. GTWY-2370

Unable to use Publisher Client due to Security Misconfiguration

XMLWordPrintable

    • Icon: Defect Defect
    • Resolution: Done
    • Icon: Critical Critical
    • 1.3.0-RC2, 1.3.0
    • 1.3.0-RC1
    • Security
    • None

      The url for publishing (/remote/secure/client-cert/hessian/**) in web-filters-security.xml has to restrictive of a access value.

      Currently the value is set to "IS_AUTHENTICATED_FULLY,group_User_role_publisher" which implies that the user is a member of the publishing group. Which is not always the case.

      If a user that is a publisher for a dataset, but not generic publisher they will receive a redirect error when using the Publisher client.

              nhook Nathan Hook
              stephen.pascoe Stephen Pascoe (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: