geosolutions-it
Improve authentication request interceptor
Description
If you use relative paths like "/geoserver/" and "http://test/geoserver/" with the authkey, the current authenticationRules need two different rules:
- one for the relative URL:
"urlPattern": "^\\/geoserver\\/.*", - one with the absolute url
http(s)?\\:\\/\\/test(\\:443|\\:80)?\\/geoserver\\/.*
We have to investigate if we can improve the behavior to recognize somehow the localhost and add a single rule, or a placeholder for localhost requests.
Acceptance criteria
TBD
- [ ]
- [ ]
Other useful information
@offtherailz Would it be sufficient to use combined regex that will be valid for both relative and absolute url?
/(http(s)?\:\/\/gs-stable\.geo-solutions\.it(\:443|\:80)?\/geoserver\/.*)|(^\/geoserver\/.*)/
with "or" condition to check for localhost absolute urls:
/(http(s)?\:\/\/((gs-stable\.geo-solutions\.it)|(localhost))(\:443|\:80)?\/geoserver\/.*)|(^\/geoserver\/.*)/
Example to test: https://regex101.com/r/ZzAiOC/2
Yes, I though about it. The problem of this solution is that you have to imagine every possible domain the application is deployed on. This will need rules for test environment, production and so on. And they will be forwarded to the production environment. Using data directory may solve the problem, by setting rules by environment on the server. Anyway, adding a "currentPath" property, alternative to "urlPattern", that is a shortcut to check paths of the current domain/ protocol , may simplify life in several projects, that usually have different deployment in test/pre-prod/prod but same shape for relative paths.