Re: unexpected behaviour in layer wise security restrictions

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: unexpected behaviour in layer wise security restrictions

Dominik Gärner

I think this is a bug in Geoserver, because the resource should have in this constellation dedicated READ (topp.states.) access. Even if that’s not the case and access is permitted – maybe because the other rule (topp.*.r) is overruling? – than getCapabilities shouldn’t show the resource in HIDE mode.

Can anyone confirm this as a bug?

 

Regards

Dominik

 

Von: Dominik Gärner
Gesendet: Freitag, 20. November 2015 10:20
An: '[hidden email]'
Betreff: unexpected behaviour in layer wise security restrictions

 

Hi, I found some inconsistencies when setting up a security for single layers.

 

What I want is, for a specific role and workspace, to set up something like: “Hide/restrict access to all layers except of…”

 

With a simple set up for the “topp" workspace it would look like this:

*.*.r=*

*.*.w=*

topp.*.r=ADMIN,GROUP_ADMIN

topp.states.r=TEST

mode=HIDE

 

A GetCapabilities request (and also the layer preview in the browser) for a TEST-user looks like what I’d expect: he sees only the topp.states layer from the topp workspace. But the access to it is still restricted, giving me a 404:resource not available.

 

Now, setting the mode=CHALLENGE, I can access topp.states. But this workaround isn’t what I want because it exposes all the layers to a getCapabilities request.

 

Do I misunderstood the security concept or is this a wrong behaviour of Geoserver?

 

Best Regards

Dominik

-- 

Dominik Gärner
GRINTEC GmbH
Anzengrubergasse 6, 8010 Graz, Austria
Tel: +43(316)383706-0
mailto:[hidden email]
http://www.grintec.com

FN 47845k Handelsgericht Graz


------------------------------------------------------------------------------
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741911&iu=/4140
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
Reply | Threaded
Open this post in threaded view
|

Re: unexpected behaviour in layer wise security restrictions

geowolf
Hi Dominik, 
this sounds like a bug, but I'm a bit surprised about it, we have quite a bit of automated tests
that should have caught this issue.
Which version of GeoServer are you using?

Cheers
Andrea


On Mon, Nov 30, 2015 at 5:03 PM, Dominik Gärner <[hidden email]> wrote:

I think this is a bug in Geoserver, because the resource should have in this constellation dedicated READ (topp.states.) access. Even if that’s not the case and access is permitted – maybe because the other rule (topp.*.r) is overruling? – than getCapabilities shouldn’t show the resource in HIDE mode.

Can anyone confirm this as a bug?

 

Regards

Dominik

 

Von: Dominik Gärner
Gesendet: Freitag, 20. November 2015 10:20
An: '[hidden email]'
Betreff: unexpected behaviour in layer wise security restrictions

 

Hi, I found some inconsistencies when setting up a security for single layers.

 

What I want is, for a specific role and workspace, to set up something like: “Hide/restrict access to all layers except of…”

 

With a simple set up for the “topp" workspace it would look like this:

*.*.r=*

*.*.w=*

topp.*.r=ADMIN,GROUP_ADMIN

topp.states.r=TEST

mode=HIDE

 

A GetCapabilities request (and also the layer preview in the browser) for a TEST-user looks like what I’d expect: he sees only the topp.states layer from the topp workspace. But the access to it is still restricted, giving me a 404:resource not available.

 

Now, setting the mode=CHALLENGE, I can access topp.states. But this workaround isn’t what I want because it exposes all the layers to a getCapabilities request.

 

Do I misunderstood the security concept or is this a wrong behaviour of Geoserver?

 

Best Regards

Dominik

-- 

Dominik Gärner
GRINTEC GmbH
Anzengrubergasse 6, 8010 Graz, Austria
Tel: +43(316)383706-0
mailto:[hidden email]
http://www.grintec.com

FN 47845k Handelsgericht Graz


------------------------------------------------------------------------------
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741911&iu=/4140
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users




--
==
GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.
==

Geosolutions' Winter Holidays from 24/12 to 6/1

Ing. Andrea Aime 
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054  Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39  339 8844549


AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

 

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility  for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.


-------------------------------------------------------

------------------------------------------------------------------------------
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741911&iu=/4140
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
Reply | Threaded
Open this post in threaded view
|

Re: unexpected behaviour in layer wise security restrictions

geowolf
And also, what do you mean by "access"?  GetMap calls?

Cheers
Andrea

On Tue, Dec 1, 2015 at 6:02 PM, Andrea Aime <[hidden email]> wrote:
Hi Dominik, 
this sounds like a bug, but I'm a bit surprised about it, we have quite a bit of automated tests
that should have caught this issue.
Which version of GeoServer are you using?

Cheers
Andrea


On Mon, Nov 30, 2015 at 5:03 PM, Dominik Gärner <[hidden email]> wrote:

I think this is a bug in Geoserver, because the resource should have in this constellation dedicated READ (topp.states.) access. Even if that’s not the case and access is permitted – maybe because the other rule (topp.*.r) is overruling? – than getCapabilities shouldn’t show the resource in HIDE mode.

Can anyone confirm this as a bug?

 

Regards

Dominik

 

Von: Dominik Gärner
Gesendet: Freitag, 20. November 2015 10:20
An: '[hidden email]'
Betreff: unexpected behaviour in layer wise security restrictions

 

Hi, I found some inconsistencies when setting up a security for single layers.

 

What I want is, for a specific role and workspace, to set up something like: “Hide/restrict access to all layers except of…”

 

With a simple set up for the “topp" workspace it would look like this:

*.*.r=*

*.*.w=*

topp.*.r=ADMIN,GROUP_ADMIN

topp.states.r=TEST

mode=HIDE

 

A GetCapabilities request (and also the layer preview in the browser) for a TEST-user looks like what I’d expect: he sees only the topp.states layer from the topp workspace. But the access to it is still restricted, giving me a 404:resource not available.

 

Now, setting the mode=CHALLENGE, I can access topp.states. But this workaround isn’t what I want because it exposes all the layers to a getCapabilities request.

 

Do I misunderstood the security concept or is this a wrong behaviour of Geoserver?

 

Best Regards

Dominik

-- 

Dominik Gärner
GRINTEC GmbH
Anzengrubergasse 6, 8010 Graz, Austria
Tel: +43(316)383706-0
mailto:[hidden email]
http://www.grintec.com

FN 47845k Handelsgericht Graz


------------------------------------------------------------------------------
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741911&iu=/4140
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users




--
==
GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.
==

Geosolutions' Winter Holidays from 24/12 to 6/1

Ing. Andrea Aime 
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054  Massarosa (LU)
Italy
phone: <a href="tel:%2B39%200584%20962313" value="+390584962313" target="_blank">+39 0584 962313
fax: <a href="tel:%2B39%200584%201660272" value="+3905841660272" target="_blank">+39 0584 1660272
mob: <a href="tel:%2B39%20%C2%A0339%208844549" value="+393398844549" target="_blank">+39  339 8844549


AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

 

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility  for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.


-------------------------------------------------------



--
==
GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.
==

Geosolutions' Winter Holidays from 24/12 to 6/1

Ing. Andrea Aime 
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054  Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39  339 8844549


AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

 

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility  for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.


-------------------------------------------------------

------------------------------------------------------------------------------
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741911&iu=/4140
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
Reply | Threaded
Open this post in threaded view
|

Re: unexpected behaviour in layer wise security restrictions

Dominik Gärner

Hi Andrea,

my tested Geoserver versions are 2.7.3 and an earlier version (2.6.1 I think)

Here are the requests and results I tried so far:

From the layer preview dialog (resource based URL):

-          [1] WMS getMap (1.1.1) à error 404

-          [2] WFS getFeature (1.0.0) à error 404

Other requests (with URL …/wfs... )

-          [3] WFS describeFeatureType (1.1.0) à response: <ows:ExceptionText>Could not find type: {http://www.opengeospatial.net/cite}states</ows:ExceptionText>

-          [4] WFS getFeature (1.1.0) à response: <ows:ExceptionText>Unknown namespace [topp]</ows:ExceptionText>

 

And to make it interesting, I found something that works in one way (with URL …/wms) and doesn’t in another (with URL …/topp/wms)

-          [5] WMS getMap (1.3.0) à works!

-          [6] WMS getMap (1.3.0) à error 404

 

Just to make it clear: the results listed above are with the TEST user & mode=HIDE. All requests do work with an admin user or with TEST user & mode=CHALLENGE.

 

If you like I’ll create a JIRA call for that, ok?

 

Best Regards

Dominik

 

[1] http://localhost:8090/geoserver/topp/wms?SERVICE=WMS&VERSION=1.1.1&REQUEST=GetMap&FORMAT=image%2Fpng&TRANSPARENT=true&LAYERS=topp%3Astates&STYLES&SRS=EPSG%3A4326&WIDTH=768&HEIGHT=330&BBOX=-129.814453125%2C23.115234375%2C-62.314453125%2C52.119140625

[2] http://localhost:8090/geoserver/topp/ows?service=WFS&version=1.0.0&request=GetFeature&typeName=topp:states&maxFeatures=50&outputFormat=application%2Fgml%2Bxml%3B+version%3D3.2

 

[3] http://localhost:8090/geoserver/wfs?service=WFS&version=1.1.0&request=DescribeFeatureType&typename=topp:states

[4] http://localhost:8090/geoserver/wfs?service=WFS&version=1.1.0&request=GetFeature&maxfeatures=3&srsname=EPSG:3857&typename=topp:states

 

[5] http://localhost:8090/geoserver/wms?version=1.3.0&request=GetMap&CRS=CRS:84&WIDTH=768&HEIGHT=330&LAYERS=topp:states&STYLES=&TRANSPARENT=TRUE&FORMAT=image/png&BBOX=-129.814453125%2C23.115234375%2C-62.314453125%2C52.119140625

[6] http://localhost:8090/geoserver/topp/wms?version=1.3.0&request=GetMap&CRS=CRS:84&WIDTH=768&HEIGHT=330&LAYERS=topp:states&STYLES=&TRANSPARENT=TRUE&FORMAT=image/png&BBOX=-129.814453125%2C23.115234375%2C-62.314453125%2C52.119140625

 

Von: [hidden email] [mailto:[hidden email]] Im Auftrag von Andrea Aime
Gesendet: Dienstag, 01. Dezember 2015 18:03
An: Dominik Gärner
Cc: [hidden email]
Betreff: Re: [Geoserver-users] unexpected behaviour in layer wise security restrictions

 

And also, what do you mean by "access"?  GetMap calls?

 

Cheers

Andrea

 

On Tue, Dec 1, 2015 at 6:02 PM, Andrea Aime <[hidden email]> wrote:

Hi Dominik, 

this sounds like a bug, but I'm a bit surprised about it, we have quite a bit of automated tests

that should have caught this issue.

Which version of GeoServer are you using?

 

Cheers

Andrea

 

 

On Mon, Nov 30, 2015 at 5:03 PM, Dominik Gärner <[hidden email]> wrote:

I think this is a bug in Geoserver, because the resource should have in this constellation dedicated READ (topp.states.) access. Even if that’s not the case and access is permitted – maybe because the other rule (topp.*.r) is overruling? – than getCapabilities shouldn’t show the resource in HIDE mode.

Can anyone confirm this as a bug?

 

Regards

Dominik

 

Von: Dominik Gärner
Gesendet: Freitag, 20. November 2015 10:20
An: '[hidden email]'
Betreff: unexpected behaviour in layer wise security restrictions

 

Hi, I found some inconsistencies when setting up a security for single layers.

 

What I want is, for a specific role and workspace, to set up something like: “Hide/restrict access to all layers except of…”

 

With a simple set up for the “topp" workspace it would look like this:

*.*.r=*

*.*.w=*

topp.*.r=ADMIN,GROUP_ADMIN

topp.states.r=TEST

mode=HIDE

 

A GetCapabilities request (and also the layer preview in the browser) for a TEST-user looks like what I’d expect: he sees only the topp.states layer from the topp workspace. But the access to it is still restricted, giving me a 404:resource not available.

 

Now, setting the mode=CHALLENGE, I can access topp.states. But this workaround isn’t what I want because it exposes all the layers to a getCapabilities request.

 

Do I misunderstood the security concept or is this a wrong behaviour of Geoserver?

 

Best Regards

Dominik

-- 

Dominik Gärner
GRINTEC GmbH
Anzengrubergasse 6, 8010 Graz, Austria
Tel: +43(316)383706-0
mailto:[hidden email]
http://www.grintec.com

FN 47845k Handelsgericht Graz

 

------------------------------------------------------------------------------
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741911&iu=/4140
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users



 

--

==

GeoServer Professional Services from the experts! Visit

http://goo.gl/it488V for more information.

==

 

Geosolutions' Winter Holidays from 24/12 to 6/1

 

Ing. Andrea Aime 

@geowolf

Technical Lead

 

GeoSolutions S.A.S.

Via Poggio alle Viti 1187

55054  Massarosa (LU)

Italy

phone: <a href="tel:%2B39%200584%20962313" target="_blank">+39 0584 962313

fax: <a href="tel:%2B39%200584%201660272" target="_blank">+39 0584 1660272

mob: <a href="tel:%2B39%20%C2%A0339%208844549" target="_blank"> +39  339 8844549

 

 

AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

 

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility  for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.

 

-------------------------------------------------------



 

--

==

GeoServer Professional Services from the experts! Visit

http://goo.gl/it488V for more information.

==

 

Geosolutions' Winter Holidays from 24/12 to 6/1

 

Ing. Andrea Aime 

@geowolf

Technical Lead

 

GeoSolutions S.A.S.

Via Poggio alle Viti 1187

55054  Massarosa (LU)

Italy

phone: +39 0584 962313

fax: +39 0584 1660272

mob: +39  339 8844549

 

 

AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003.

 

The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility  for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc.

 

-------------------------------------------------------


------------------------------------------------------------------------------
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741911&iu=/4140
_______________________________________________
Geoserver-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/geoserver-users