This repository is no longer actively maintained as the Open Geospatial Consortium has released the GeoXACML 3.0 and the GeoXACML JSON Profile 1.0 standards. The GeoXACML 1.0 implementation repository authzforce-geoxacml-basic is no longer maintained and has become a public archive. Please use the corresponding implementation from Github repository authzforce-ce-geoxacml3.
Dockerized SEcure Dimensions geoPDP service processing GeoXACML authorization decision requests
This project enables you to build a docker container that acts as a geoPDP for the geopep Apache2 reverse proxy container (geoPEP) available from Secure Dimensions.
How to build and run a docker container for the 'geoPEP' is described here.
The geoPDP is an extension to the Thales AuthzForce PDP that is implemented in Java. We therefore deploy the geoPDP as an extension to the Thales implementation on the Tomcat Servlet Engine.
Therefore, this docker image uses the 'tomcat' template.
Change directory to where you like to clone this repository. For the ease of description, let's assume that this is '/opt'.
Now, clone this repository with
git clone https://github.com/securedimensions/geopdp-docker.git
Then, build the docker image with:
docker build --tag geopdp .
You need to adopt the listen port to meet your environment. The command below will make the geoPDP listen on port 8080. Please note: If you change the port you MUST change the port in the virtualhosts configuration file of the 'geopep-apache2-reverse-proxy'!
docker create --name geopdp -p8080:8080 -v /opt/geopdp-docker/tomcat/logs:/usr/local/tomcat/logs geopdp
You can simply start the geopdp with:
docker container start geopdp
You can determine a successful startup using the 'netstat' command.
You can simply stop the geopdp with:
docker container stop geopdp
The executed geoPDP operates on an example GeoXACML policy that acts on OGC Web Map Service. Requests for any other OGC service result in a PERMIT decision which will cause the geoPEP to permit the Apache reverse proxy to process the intercepted request.
For WMS requests, the policy will return different responses based on the WMS operation. Each response will cause the geoPEP to function differently. For this example setup, only image redaction is triggered from the policy:
- WMS / GetMap or WMTS/GetTile request: A request will cause the GeoPDP to return Permit+Obligation. The Obligation has the identifier "Image-Redact" and a MultiPolygon that defines the area to be redacted. The Policy acts on WMS/WMTS requests using EPSG:4326 and EPSG:3857 spatial reference systems.
This example project uses the tomcat8 jre8 docker template. geometry. The geoPEP will use the information to redact the map image in the given geometry before sending it to the client.
The default configuration exposes the geoPDP on port 8080. The following two requests are snapshots from the XACML3 compliant authorization decision requets leveraging the GeoXACML extension (data type 'urn:ogc:def:dataType:geoxacml:1.0:geometry').
You can send the requests below using CURL:
curl -i -L -X POST \
-H "Content-Type:application/xacml+json" \
-d \
'<COPY REQUEST FROM BELOW HERE>' \
'http://localhost:8080/authzforce-ce/domains/A0bdIbmGEeWhFwcKrC9gSQ/pdp'
You can observe the activity of the geoPDP by following the log file (lots of prinouts as the logging level is DEBUG:
tail -f /opt/geopdp-docker/tomcat/logs/authzforce-ce.log
{"Request": {"ReturnPolicyIdList": false,"CombinedDecision": false,"Category": [{"CategoryId": "urn:oasis:names:tc:xacml:1.0:subject-category:access-subject","Attribute": []},{"CategoryId": "urn:oasis:names:tc:xacml:3.0:attribute-category:resource","Attribute": [{"IncludeInResult": false,"AttributeId": "urn:sd:path","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["/geoserver/topp/wms"]},{"IncludeInResult": false,"AttributeId": "sd:urn:hostname","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["spx.landsense.secure-dimensions.de"]},{"IncludeInResult": false,"AttributeId": "urn:ogc:ows:service","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["WMS"]},{"IncludeInResult": false,"AttributeId": "urn:ogc:ows:version","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["1.1.1"]},{"IncludeInResult": false,"AttributeId": "urn:ogc:ows:request","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["GetMap"]},{"IncludeInResult": false,"AttributeId": "urn:ogc:wms:format","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["image/png"]},{"IncludeInResult": false,"AttributeId": "urn:ogc:wms:transparent","DataType": "http://www.w3.org/2001/XMLSchema#boolean","Value": [true]},{"IncludeInResult": false,"AttributeId": "urn:ogc:wms:layers","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["topp:states"]},{"IncludeInResult": false,"AttributeId": "urn:ogc:wms:width","DataType": "http://www.w3.org/2001/XMLSchema#integer","Value": [256]},{"IncludeInResult": false,"AttributeId": "urn:ogc:wms:height","DataType": "http://www.w3.org/2001/XMLSchema#integer","Value": [256]},{"IncludeInResult": false,"AttributeId": "urn:ogc:wms:crs","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["EPSG:3857"]},{"IncludeInResult": false,"AttributeId": "urn:ogc:wms:styles","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": [""]},{"IncludeInResult": false,"AttributeId": "urn:ogc:wms:bbox","DataType": "urn:ogc:def:dataType:geoxacml:1.0:geometry","Value": ["POLYGON((-1.00188e+07 3.13086e+06,-1.00188e+07 3.44395e+06,-9.70567e+06 3.44395e+06,-9.70567e+06 3.13086e+06,-1.00188e+07 3.13086e+06))"]},]},{"CategoryId": "urn:oasis:names:tc:xacml:3.0:attribute-category:action","Attribute": [{"IncludeInResult": false,"AttributeId": "urn:sd:method","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["GET"]},]},{"CategoryId": "urn:oasis:names:tc:xacml:3.0:attribute-category:environment","Attribute": [{"IncludeInResult": false,"AttributeId": "urn:sd:method","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["GET"]},{"IncludeInResult": false,"AttributeId": "urn:sd:datetime","DataType": "http://www.w3.org/2001/XMLSchema#dateTime","Value": ["2018-11-21T10:57:26Z"]},{"IncludeInResult": false,"AttributeId": "urn:sd:date","DataType": "http://www.w3.org/2001/XMLSchema#date","Value": ["2018-11-21"]},{"IncludeInResult": false,"AttributeId": "urn:sd:time","DataType": "http://www.w3.org/2001/XMLSchema#time","Value": ["10:57:26Z"]},{"IncludeInResult": false,"AttributeId": "urn:sd:host","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["spx.landsense.secure-dimensions.de:88"]},{"IncludeInResult": false,"AttributeId": "urn:sd:user-agent","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:63.0) Gecko/20100101 Firefox/63.0"]},{"IncludeInResult": false,"AttributeId": "urn:sd:accept","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["*/*"]},{"IncludeInResult": false,"AttributeId": "urn:sd:accept-language","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["de","en;q=0.7","en-US;q=0.3"]},{"IncludeInResult": false,"AttributeId": "urn:sd:accept-encoding","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["gzip"," deflate"]},{"IncludeInResult": false,"AttributeId": "urn:sd:dnt","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["1"]},{"IncludeInResult": false,"AttributeId": "urn:sd:connection","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["keep-alive"]},{"IncludeInResult": false,"AttributeId": "urn:sd:cookie","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["JSESSIONID=662FFF09AFE47702BA26BD165F7C94BC"]},{"IncludeInResult": false,"AttributeId": "urn:sd:cache-control","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["max-age=0"]},{"IncludeInResult": false,"AttributeId": "urn:sd:tiled","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["true"]},]},]}}
The response from the geoPDP is this:
{"Response":[{"Decision":"Permit","Obligations":[{"AttributeAssignment":[{"Value":"16711680","DataType":"http://www.w3.org/2001/XMLSchema#integer","Category":"urn:oasis:names:tc:xacml:3.0:attribute-category:resource","AttributeId":"urn:SD:Obligation:Redact:Color"},{"Value":"0.5","DataType":"http://www.w3.org/2001/XMLSchema#double","Category":"urn:oasis:names:tc:xacml:3.0:attribute-category:resource","AttributeId":"urn:SD:Obligation:Redact:Transparency"},{"Value":"MULTIPOLYGON (((-10431455.4874625 3534356.14030115, -10430548.4562515 3541833.8612131, -10433950.7138486 3542804.47424592, -10437223.9521559 3547441.44375235, -10437241.7632744 3549153.59107653, -10435961.0325328 3550865.06754549, -10436752.6254319 3552720.13881121, -10435374.1561774 3556209.21722869, -10433033.552564 3559327.68470381, -10430254.5727958 3560574.02256255, -10431017.3339467 3563141.19860167, -10430410.8653609 3564114.22805031, -10432289.4930875 3566514.31895677, -10431446.1366253 3567497.81559306, -10432265.782036 3568644.18431961, -10431244.0917495 3570936.97716364, -10434566.5332717 3573865.47099895, -10432626.6798251 3576791.67474668, -10432619.1100997 3579277.59686952, -10429903.8050803 3580759.09229072, -10427473.1439988 3580629.37685305, -10429823.209769 3582952.68931867, -10428920.4086986 3583939.67461215, -10429843.5812358 3586089.32101725, -10428184.030267 3586044.1663671, -10426182.1718641 3590336.13909688, -10421464.3405248 3592140.87167862, -10420885.9244506 3595186.71437233, -10421484.7119916 3598063.90348934, -10420356.0436745 3597994.22880469, -10421558.6281335 3599778.826289, -10417854.0267994 3603198.1075557, -10417486.2272018 3607066.86706556, -10414014.2836035 3610476.35212244, -10414566.3169583 3612291.13270477, -10415768.9014173 3612654.95040447, -10414250.3922434 3614617.49346841, -10415145.5122689 3616121.47659207, -10415997.4403319 3617983.25953581, -10415549.8246595 3620019.68518816, -10413550.5266048 3620461.05422458, -10413896.2849432 3622997.868159, -10411710.192783 3623268.56491852, -10411224.3945252 3624416.95062901, -10411955.5409407 3627650.4954388, -10412528.8363183 3627150.97504306, -10413790.9767049 3628878.3522617, -10416438.154196 3629655.6596664, -10415157.4234544 3631669.97871607, -10416259.0411353 3632394.73585718, -10415930.314679 3634427.68456853, -10415601.5882227 3635095.19002436, -10413617.6522578 3634585.75762239, -10409175.7819361 3637803.11936681, -10411237.9755031 3640151.29405442, -10410264.5978756 3642450.39579504, -10413282.246632 3643451.47239575, -10413172.5969336 3645060.48761866, -10415049.5548678 3645812.55118591, -10414681.8665898 3646957.56979838, -10412278.367464 3647832.49436129, -10411499.464987 3649113.72259311, -10412547.5379928 3649961.09936009, -10413291.4861497 3653437.1757059, -10411525.8477063 3653928.52286853, -10412493.2140813 3655671.48676676, -10411370.4456971 3655897.36025113, -10411592.0828033 3656899.00812608, -10414004.1535298 3657569.81162669, -10416937.5334317 3655125.03578641, -10418829.8534557 3656173.5924971, -10419829.502483 3658628.72751768, -10418451.9237844 3662614.43575222, -10420728.8526491 3664241.96932768, -10420826.4798426 3667867.94764203, -10421336.1004714 3668619.71186189, -10422936.2068321 3668371.98405944, -10424579.6164747 3670502.84092299, -10425752.4786297 3670035.06018737, -10428586.5615458 3673423.38888472, -10428080.3918211 3675470.15387555, -10423384.601741 3681393.45397811, -10426302.8421921 3681206.7470158, -10426630.6780925 3684588.5137246, -10429243.9031389 3685605.93879073, -10430017.6849194 3686883.15455508, -10430205.3695809 3688424.28658866, -10429189.5792274 3689780.47118629, -10430850.7999885 3690839.95234639, -10430460.1798953 3692824.37795466, -10433617.8685711 3692565.58964746, -10436340.7433159 3695962.37765762, -10436250.6858479 3696622.52789589, -10432750.6897379 3697255.16728962, -10431281.3837789 3700541.08530321, -10434160.5510888 3700711.89471189, -10435928.7498805 3702780.73283053, -10437683.4790139 3701867.2716111, -10439556.095488 3702260.51911893, -10442938.8721742 3705568.94984191, -10443585.1931378 3707926.85930977, -10445399.3668792 3709635.18179846, -10445728.872572 3712903.52450473, -10443948.7625947 3713283.01026879, -10443407.7498695 3717188.88521522, -10442483.6867764 3717947.48223235, -10443086.704458 3720667.75769239, -10440907.4027868 3725486.07217612, -10442744.3970238 3724984.9066132, -10443432.3514769 3725611.17051608, -10442880.3181221 3727966.9503031, -10445237.0630617 3730968.3172742, -10444224.7236124 3733764.44991137, -10445589.611889 3737350.24707602, -10448984.1884413 3739348.56537309, -10450384.6989549 3743651.67042093, -10450814.5035089 3746444.3129636, -10452068.0722947 3746266.8291668, -10452817.9203847 3749464.16559969, -10455511.9633814 3749220.03223859, -10454895.3647219 3751463.43911717, -10456877.6308944 3751431.17956653, -10460690.991371 3753228.9286555, -10461495.274692 3756245.23236392, -10464521.3837298 3760415.52002168, -10465132.8616927 3761884.38029175, -10467935.5525124 3762590.39467841, -10467902.3793041 3789519.84470971, -10467954.2541868 3814511.59946633, -10468507.0667781 3854865.20269006, -10468663.3593432 3879697.88762664, -10468345.764836 3898395.5967699, -10442853.9354028 3898303.32314313, -10409679.502632 3898111.87428412, -10406023.2139569 3898143.87072013, -10378580.621767 3897857.76461599, -10350355.7875154 3897711.32879145, -10321218.0221197 3897520.95168245, -10248440.6786238 3896634.69008279, -10180652.0067883 3897145.64967198, -10177665.8614478 3897085.37944105, -10158417.3856557 3897092.94639134, -10148122.1138692 3897034.80047791, -10148092.3915651 3895342.98704164, -10153357.2468822 3886792.48137543, -10152149.5417266 3883915.93919442, -10148964.691095 3882703.99744354, -10145344.1359764 3884396.50741704, -10144538.0715436 3887006.55931939, -10144807.3533918 3892015.82534357, -10142520.9623704 3893625.00781711, -10140390.0846777 3893660.97343391, -10138488.5251359 3889161.61603737, -10138926.7899712 3879010.73333451, -10145897.8391236 3874246.56121887, -10147477.5740175 3863845.90266413, -10145265.099138 3862316.37027362, -10140950.6896333 3862087.65241301, -10136644.7404099 3858662.84182953, -10145609.0763645 3850680.81318228, -10146355.5848698 3848258.32969997, -10142429.23511 3842003.44592286, -10137177.1815344 3843174.34123572, -10135375.8095344 3844226.93769028, -10133131.163322 3847815.45576245, -10130950.9710948 3847970.26145312, -10129643.0783975 3845763.24901433, -10129924.1601118 3844374.16328894, -10133672.1760473 3840040.76132078, -10136626.8179719 3839210.73146611, -10138229.4846809 3837258.67974096, -10137096.4749036 3834689.8533301, -10129524.9684178 3830660.56758805, -10129188.6722361 3828500.99113767, -10132264.8750447 3827911.43603386, -10134214.8585649 3828722.06535118, -10139956.940539 3835545.18653809, -10143292.1838027 3832300.87280291, -10143174.0738229 3828934.96041032, -10136586.9655942 3822130.27859603, -10133069.1583657 3821525.87033939, -10128676.6025784 3822917.29533395, -10126231.4699632 3821211.93841085, -10126732.5189912 3818439.80434257, -10131098.8033786 3815547.55032693, -10129947.0919269 3811481.12351586, -10128355.557167 3810184.5984186, -10120603.1565087 3808801.24913534, -10117289.1752677 3813474.15692976, -10116197.79898 3813249.41159431, -10120764.4584508 3803455.29191151, -10122197.2516168 3802413.27983398, -10126918.5338603 3803242.19356874, -10127932.543102 3802445.94010563, -10128272.2901879 3801060.45926261, -10126847.1780667 3798681.77357118, -10127537.6928681 3792671.73113145, -10134710.0076599 3796098.09324609, -10137026.9002218 3793900.55500863, -10139860.2039015 3793853.96846397, -10141269.1746965 3791550.92434338, -10142981.3797844 3792961.35794272, -10147580.3219075 3790363.91522832, -10148646.9852683 3785908.08980722, -10147499.6152767 3782330.68634989, -10142175.3153515 3781043.36640021, -10139314.0704797 3782829.77036049, -10136090.1467068 3780964.62245377, -10135117.6596352 3784156.86168772, -10136137.6801294 3787557.76861665, -10132791.4162361 3785633.23118283, -10130500.0158376 3785549.45973646, -10131329.791322 3780920.97828548, -10134647.1121476 3777452.30066941, -10138290.5990813 3775655.13406076, -10137310.5422844 3770998.94337132, -10140014.7153547 3770774.46920016, -10144057.3939824 3774899.73684181, -10146279.9989355 3774561.93238307, -10145993.7965247 3771991.06698103, -10139745.544826 3769042.38938438, -10138215.0131471 3767511.06989857, -10138130.9669315 3766075.00309954, -10142096.3898325 3762237.841698, -10148222.4127304 3761773.73706025, -10152496.8585379 3752064.97751234, -10157276.806153 3747373.85157256, -10159526.573062 3745658.50161083, -10156931.9383706 3741700.86026609, -10157972.3303315 3739530.27085889, -10160874.4294565 3740671.78959828, -10162638.3981076 3745122.02957408, -10163843.5429149 3745338.55536703, -10167335.8579801 3742761.07545989, -10168715.106471 3736518.92334264, -10170930.1416988 3733249.45529422, -10167492.9297816 3732300.70737783, -10159303.154844 3733650.13571437, -10159448.4267794 3731795.59423151, -10161522.4202124 3730502.53243567, -10167899.8025205 3731635.73776985, -10171304.6204659 3730972.24470982, -10170700.8235478 3730745.24102017, -10173247.0342607 3726156.46254937, -10173384.6251513 3718035.49353617, -10175523.9631254 3714233.67211648, -10180975.612548 3714421.5385917, -10185471.8067812 3717550.32770796, -10186589.4544687 3716631.70422031, -10186708.4550044 3713765.12981995, -10185403.0113359 3711466.21346415, -10176301.0844906 3711235.39158876, -10175061.9872386 3709112.97655643, -10177213.2363982 3706028.42352578, -10181765.4243352 3703431.45569052, -10186049.3322994 3702388.38279728, -10186441.7335044 3701187.64025157, -10186599.6958619 3691709.52617434, -10182747.262244 3687441.97837375, -10181926.8375969 3685315.08822868, -10183587.2791215 3681886.83299752, -10185131.2804588 3681556.82490429, -10188282.1786457 3683752.96070684, -10189523.836246 3685989.27212905, -10189594.3014837 3689263.1593682, -10191561.316886 3689101.90346182, -10193259.940996 3687576.33991401, -10192329.97797 3683249.33509493, -10189568.8093203 3682534.74910692, -10190663.6365123 3680725.52033056, -10190483.5215762 3677872.05572838, -10186361.0268736 3674805.54004552, -10185995.7876243 3671600.39143543, -10187621.3861484 3669543.59045956, -10192056.4659811 3667902.20062488, -10200660.683383 3668842.95770427, -10201714.6563218 3667986.46597388, -10200970.7081648 3664078.04750558, -10196959.4216336 3660540.52451513, -10195904.6694583 3655927.41630921, -10199091.1898823 3649320.87977042, -10192953.2557989 3643397.66019103, -10191518.0136041 3640281.63133122, -10193822.9949805 3636966.83922161, -10199943.8971817 3634279.35491079, -10200447.5065581 3632903.16901866, -10150010.982989 3632786.0262455, -10136408.63177 3632780.31199222, -10111106.2681101 3632926.8054997, -10081110.6747184 3632947.58486096, -10079151.3403609 3633028.49483107, -10056999.874888 3633425.90942253, -10047617.645565 3633683.0668377, -10000217.3611072 3633658.51976294, -9988992.1262946 3633692.15835922, -9987979.78684533 3632923.29898592, -9988331.33379726 3630727.5072347, -9987556.77278031 3629542.96200167, -9989749.76674894 3628232.60228963, -9990753.53459742 3626213.64973204, -9989855.85422367 3623132.69672735, -9991812.62823283 3622475.30774941, -9990443.62113506 3621056.31750019, -9990559.95000294 3620107.51663568, -9992397.83479593 3619806.14189641, -9992680.69762204 3614826.9274853, -9994814.91489953 3614761.43845079, -9993676.89574515 3610735.75696688, -9996047.3329821 3610550.76355377, -9996099.98710124 3608418.15787241, -9997699.20290598 3608294.50594704, -9999230.40250184 3605446.5741705, -9997968.37343472 3600062.61881308, -9999328.14101476 3599347.64498239, -9999086.91167821 3598105.08685016, -10000446.6792583 3597626.95381034, -10001385.9931216 3595433.630155, -9999902.21562878 3594314.45579922, -10001084.428621 3593896.15063904, -10001133.7431554 3591173.81947282, -10000422.0776508 3590703.07036306, -10001541.3951307 3589456.58333398, -9999768.9661983 3590054.76770666, -9998636.84697693 3587514.55796253, -9997098.74557264 3587283.06722004, -9998742.93445166 3584024.53569524, -9995463.79621136 3574930.07720913, -9993454.36808305 3574581.44621538, -9991493.36393324 3569977.11642828, -9988948.82301269 3567679.33100296, -9987472.72656477 3567446.78504245, -9986818.83587585 3565557.89609271, -9984870.52214798 3565148.42880449, -9984749.85181996 3563849.20115629, -9983509.08477558 3563142.87750988, -9982619.86468313 3560900.31412929, -9982609.62328997 3555055.07522704, -9980305.53246953 3552343.86386309, -9979417.09161351 3549276.40300523, -9977943.55551388 3549278.59608625, -9976468.34962189 3547746.24135852, -9976289.12524171 3545209.40923071, -9978347.86790444 3543672.64811828, -9978580.5256402 3541607.85110118, -9977107.8800965 3540902.12733089, -9976631.4326759 3536597.98744678, -9974922.67849223 3535420.63637843, -9975333.67005223 3534594.77756685, -9971313.14400325 3528606.2381687, -9988530.92964425 3526813.42147416, -9991943.42863452 3533264.29042127, -10012460.8353021 3538259.04282812, -10027157.1231572 3551042.21461781, -10045434.113753 3552586.97026211, -10053145.7714777 3542641.23894547, -10066003.2839839 3527439.41681493, -10062779.360211 3515365.50784997, -10049467.4415435 3511502.82158935, -10031163.2889918 3508873.69562297, -10017694.2985228 3510423.86644322, -10006638.0466972 3523604.21549957, -9996290.23211101 3517076.02835819, -9989814.22073411 3523969.59450594, -9988126.72857318 3519099.51067169, -9981923.44994872 3524543.04703231, -9979718.65611407 3519270.9372266, -9987226.48785113 3510625.01409958, -10001933.7963358 3504897.66370167, -9998804.1601716 3497264.21007096, -9987023.44109992 3499591.66173726, -9986710.07673334 3490358.61685484, -9977271.74238694 3487553.33732436, -9972646.52886397 3490439.38575887, -9971368.35847068 3504675.78097861, -9955948.382606 3509233.25054796, -9957926.41863791 3501690.12401382, -9949485.28429003 3497263.69616137, -9955413.38113325 3495849.36680387, -9952202.14778234 3483736.65842514, -9954311.76345236 3481446.34970702, -9947953.97337468 3477427.52381562, -9953896.5417517 3475652.52827321, -9961111.2692695 3481812.06326826, -9967596.52016414 3472035.05728792, -9979851.12630811 3473595.51816087, -9973426.98981393 3466411.19892055, -9975537.49603987 3464730.12093064, -9964417.68078504 3460484.89257367, -9960771.63350309 3456841.45657008, -9973991.82491021 3460554.32819194, -9982758.23481018 3465398.19402145, -9984831.44900672 3464259.94026445, -9978144.93247273 3455606.63143158, -9988503.76768849 3458122.51087593, -9990755.31570928 3456995.52985528, -9987934.81377105 3452980.87570865, -9993341.3787999 3453521.06728387, -9968056.04702213 3435791.55479844, -9967215.25090817 3426814.18143738, -9950233.46258765 3426365.1817986, -9944950.01691563 3419078.1976007, -9936903.7328016 3420326.14898152, -9936656.60353204 3413577.37353445, -9928958.52678521 3420119.76644619, -9921893.96926049 3412693.83223995, -9920812.8343659 3402613.54659572, -9911132.49144652 3404084.16126431, -9918369.37154299 3396436.60359672, -9909856.88140152 3394355.66766372, -9913858.81709554 3386475.70884603, -9921516.03958924 3392850.46163341, -9919831.1077766 3386187.5726861, -9924575.21051573 3382901.58648083, -9923503.42645837 3377739.79066981, -9934275.1456655 3391048.39288645, -9936093.43822811 3383187.48555878, -9951388.51362413 3367937.68832346, -9936738.0893993 3394494.98125262, -9942949.82830505 3398571.42040077, -9945248.13051197 3388923.59288232, -9950694.65923801 3388398.94414162, -9951192.36868135 3394246.56308824, -9959422.88655264 3403179.19709089, -9958537.1173644 3408207.61201974, -9962330.88561063 3405561.31991438, -9976400.4447325 3411249.5588008, -9975412.7068907 3417911.32061049, -9995919.87216514 3416734.07860735, -9991329.3903233 3423343.07930516, -9998903.45715738 3429300.44324491, -9998433.80022573 3436550.71235876, -10015043.558808 3435918.14190432, -10015621.0843262 3439865.33902302, -10019491.3290627 3438636.73854438, -10031334.0530907 3446301.60099897, -10034028.8753238 3443737.48489637, -10035643.3418988 3451608.28388613, -10041916.3065245 3445134.70456423, -10038130.1080036 3438893.16697705, -10022762.8975776 3432655.14653798, -10024904.7958999 3430242.37212912, -10022079.1732651 3423332.60441604, -10024973.5913452 3420423.33892049, -10022419.6995875 3414988.84077634, -10031173.530385 3416629.89398546, -10027415.3843758 3402955.86744267, -10023545.0283199 3404116.81512498, -10027406.812775 3398093.048369, -10044099.8383364 3388181.7268512, -10048128.9359862 3399139.82867419, -10045786.5512609 3408080.14596629, -10049783.3662583 3410685.60043064, -10050371.0218502 3406905.44985462, -10057444.9302122 3415509.7065953, -10062875.3176121 3410326.74212855, -10064032.9289968 3417174.70195349, -10068896.0322716 3420552.45834593, -10071785.3296552 3414359.48902436, -10086771.2708252 3414499.14376669, -10083658.5552237 3408869.58788239, -10087903.3900466 3404026.25188399, -10091107.7215891 3408022.85682423, -10089779.4574249 3396324.80463346, -10094870.9882948 3398791.7426144, -10094084.5160924 3393482.98395954, -10105895.7367045 3391783.667154, -10104759.3873425 3396076.86165123, -10112183.172864 3398845.54871876, -10116998.6313968 3393118.09781818, -10121203.613842 3398790.7225956, -10109390.612118 3403776.63222877, -10109864.6105098 3408343.37302934, -10118636.1411063 3409729.77284179, -10122997.3047971 3419413.16093086, -10138788.3085246 3421520.70329526, -10141438.1576835 3415661.3743807, -10153854.9563256 3427385.35593536, -10159308.2755405 3438080.79866969, -10178265.5395447 3446139.72125908, -10191049.1359089 3443465.86346284, -10191118.8219101 3457604.28461932, -10201700.2961075 3457839.31544955, -10198607.9519727 3473882.39480936, -10226157.5221932 3468330.66715819, -10228152.5901072 3473474.20345455, -10224306.9469783 3478918.0785818, -10221780.2171763 3476159.42493155, -10222177.7390779 3482850.36166901, -10237715.7136028 3483215.60193814, -10238410.4585449 3478617.87547244, -10256646.5948876 3468958.80243134, -10255861.7924775 3474444.75318476, -10263609.1837588 3473110.26620857, -10248031.2455367 3453107.11897813, -10274481.8697441 3444729.98154752, -10308995.8099476 3450751.97622609, -10378706.3014721 3476427.37510156, -10433066.6144527 3472554.37773421, -10441952.9154443 3468332.58997446, -10452870.5745038 3479120.27061727, -10440798.6436443 3484322.29473232, -10437337.831995 3504316.48313382, -10432025.4432553 3511331.49968266, -10432401.5918147 3515853.13844116, -10431569.3673016 3518307.14334241, -10430293.6459371 3518717.54149854, -10430484.7815028 3521716.07653919, -10429073.2503595 3521719.55209449, -10428759.8859929 3522617.95067177, -10430598.5500224 3522949.5722235, -10430209.5997215 3526151.4015833, -10431121.7516291 3526819.08761726, -10432288.7138511 3531899.67480631, -10431455.4874625 3534356.14030115), (-10410108.9732275 3624634.98591315, -10410108.9732275 3533715.50137072, -10331840.2392507 3533715.50137072, -10331840.2392507 3624634.98591315, -10410108.9732275 3624634.98591315)), ((-10243201.3154701 3451758.1979737, -10230531.4876255 3458731.57502987, -10215759.6138362 3449471.65316966, -10208164.2849794 3449298.98183503, -10215216.0407627 3443794.41992818, -10214453.3909312 3438710.66103319, -10224580.4589672 3437760.31599036, -10243201.3154701 3451758.1979737)), ((-10168056.874322 3419208.0698931, -10163512.3674298 3415957.94872998, -10155281.738239 3424251.99968532, -10151132.0815808 3413552.09948998, -10148047.4184909 3416885.3776121, -10149122.6534524 3411773.46594441, -10150992.8208978 3411911.43378736, -10152377.1900853 3414876.37223867, -10151775.842196 3410496.72640938, -10147048.6600195 3409585.70290099, -10148280.9667826 3406872.15111457, -10145056.1524538 3408742.37056206, -10144345.2661856 3404541.57785831, -10160803.8528993 3407989.8104179, -10168056.874322 3419208.0698931)), ((-10122779.8978316 3408636.20821098, -10126817.4557627 3406467.46976671, -10124900.5341312 3410418.11478496, -10127990.3179177 3410838.23305678, -10127879.1097464 3403642.57683504, -10123938.2884528 3404464.02255081, -10125835.6178539 3399286.84362753, -10130423.5393475 3399097.87935045, -10129457.9540843 3404261.33494927, -10135010.6816046 3402533.83457084, -10133747.7619815 3410746.47460002, -10137597.6352511 3407873.95726813, -10136247.2185083 3399939.44166035, -10143705.7357109 3404552.54788963, -10144256.9898294 3413029.14200207, -10130883.0662055 3413543.5471729, -10129946.3126904 3416895.59195423, -10122779.8978316 3408636.20821098)))","DataType":"urn:ogc:def:dataType:geoxacml:1.0:geometry","Category":"urn:oasis:names:tc:xacml:3.0:attribute-category:resource","AttributeId":"urn:SD:Obligation:Redact:Geometry:WKT"}],"Id":"urn:SD:Obligation:Redact:Image"}]}]}
{"Request": {"ReturnPolicyIdList": false,"CombinedDecision": false,"Category": [{"CategoryId": "urn:oasis:names:tc:xacml:1.0:subject-category:access-subject","Attribute": []},{"CategoryId": "urn:oasis:names:tc:xacml:3.0:attribute-category:resource","Attribute": [{"IncludeInResult": false,"AttributeId": "urn:sd:path","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["/geoserver-oauth/wms"]},{"IncludeInResult": false,"AttributeId": "sd:urn:hostname","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["sp.landsense.secure-dimensions.de"]},{"IncludeInResult": false,"AttributeId": "urn:ogc:ows:service","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["WMS"]},{"IncludeInResult": false,"AttributeId": "urn:ogc:ows:version","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["1.3.0"]},{"IncludeInResult": false,"AttributeId": "urn:ogc:ows:request","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["GetMap"]},{"IncludeInResult": false,"AttributeId": "urn:ogc:wms:format","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["image/png"]},{"IncludeInResult": false,"AttributeId": "urn:ogc:wms:transparent","DataType": "http://www.w3.org/2001/XMLSchema#boolean","Value": [true]},{"IncludeInResult": false,"AttributeId": "urn:ogc:wms:layers","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["topp:states"]},{"IncludeInResult": false,"AttributeId": "urn:ogc:wms:width","DataType": "http://www.w3.org/2001/XMLSchema#integer","Value": [320]},{"IncludeInResult": false,"AttributeId": "urn:ogc:wms:height","DataType": "http://www.w3.org/2001/XMLSchema#integer","Value": [320]},{"IncludeInResult": false,"AttributeId": "urn:ogc:wms:crs","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["EPSG:3857"]},{"IncludeInResult": false,"AttributeId": "urn:ogc:wms:styles","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": [""]},{"IncludeInResult": false,"AttributeId": "urn:ogc:wms:bbox","DataType": "urn:ogc:def:dataType:geoxacml:1.0:geometry","Value": ["POLYGON((-7.51407e+06 5.00938e+06,-7.51407e+06 7.51407e+06,-5.00938e+06 7.51407e+06,-5.00938e+06 5.00938e+06,-7.51407e+06 5.00938e+06))"]},]},{"CategoryId": "urn:oasis:names:tc:xacml:3.0:attribute-category:action","Attribute": [{"IncludeInResult": false,"AttributeId": "urn:sd:method","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["GET"]},]},{"CategoryId": "urn:oasis:names:tc:xacml:3.0:attribute-category:environment","Attribute": [{"IncludeInResult": false,"AttributeId": "urn:sd:method","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["GET"]},{"IncludeInResult": false,"AttributeId": "urn:sd:datetime","DataType": "http://www.w3.org/2001/XMLSchema#dateTime","Value": ["2018-11-21T14:29:52Z"]},{"IncludeInResult": false,"AttributeId": "urn:sd:date","DataType": "http://www.w3.org/2001/XMLSchema#date","Value": ["2018-11-21"]},{"IncludeInResult": false,"AttributeId": "urn:sd:time","DataType": "http://www.w3.org/2001/XMLSchema#time","Value": ["14:29:52Z"]},{"IncludeInResult": false,"AttributeId": "urn:sd:host","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["sp.landsense.secure-dimensions.de"]},{"IncludeInResult": false,"AttributeId": "urn:sd:user-agent","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0"]},{"IncludeInResult": false,"AttributeId": "urn:sd:accept","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["*/*"]},{"IncludeInResult": false,"AttributeId": "urn:sd:accept-language","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["en-US","en;q=0.5"]},{"IncludeInResult": false,"AttributeId": "urn:sd:accept-encoding","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["gzip"," deflate"," br"]},{"IncludeInResult": false,"AttributeId": "urn:sd:referer","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["http://localhost:53535/"]},{"IncludeInResult": false,"AttributeId": "urn:sd:connection","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["keep-alive"]},{"IncludeInResult": false,"AttributeId": "urn:sd:tiled","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["true"]},{"IncludeInResult": false,"AttributeId": "urn:sd:access_token","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["200fcaad3e27d4387172ea93daea8686c706f0c9"]},{"IncludeInResult": false,"AttributeId": "urn:sd:format_options","DataType": "http://www.w3.org/2001/XMLSchema#string","Value": ["dpi:113"]},]},]}}
The response from the geoPDP is this:
{"Response":[{"Decision":"Permit"}]}
For more information please contact us.