You are here: Wiki>Security Web>SecurityDocs>WFSInterceptor (10 Jan 2010, MartinWilden)Edit Attach

The WFS Interceptor

Function mode of the WFS-interceptors:

WFSGetCapabilitiesInterceptor

  • Interceptor for WFS GetCapabilities request
  • Filters unauthorized feature types from the capabilities
  • Resource: /featuretype
  • Action: /operations/GetCapabilities
  • Supported HTTP method: GET

WFSGetFeatureInterceptor

  • Interceptor for WFS GetFeature requests
  • Requests the rights for every requested feature
  • Only if the user has the permission, the feature is added to the service request
  • Resource: /featuretype
  • Action: /operations/GetFeature
  • If the user has no rights for the requested Feature an EnforcementServiceException is thrown "Not allowed"
  • Supported HTTP method: GET and POST

WFSDescribeFeatureTypeInterceptor

  • Interceptor for SOS DescribeFeatureType requests
  • Requests the rights for every requested feature type
  • Only if the user has the permission, the feature is added to the service request
  • Resource: /featuretype
  • Action: /operations/DescribeFeatureType
  • If the user has no rights for the requested Feature an EnforcementServiceException is thrown "Not allowed"
  • Supported HTTP method: GET and POST

Example Permissions

A.
   <Permission name="alice_all">
         <Resource value="/featuretype/*"/>
         <!-- Any operations allowed -->
         <Action value="/operations/*"/>
         <!-- Any operations -->
         <Subject value="alice"/>
      </Permission>

B.
   <Permission name="bob_Capabilities">
         <Resource value="/featuretype/topp%3Astates"/>
         <Resource value="/featuretype/tiger%3Apoly_landmarks"/> 
         <Resource value="/featuretype/topp%3Atasmania_state_boundaries"/>
         <Action value="/operations/GetCapabilities"/>
         <Subject value="bob"/>
      </Permission>
Topic revision: r3 - 10 Jan 2010, MartinWilden
Legal Notice | Privacy Statement


Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding Wiki? Send feedback