[GeoNode-users] geoserver authentication in multi-geosites
Francesco Bartoli
xbartolone at gmail.com
Thu Apr 6 08:46:28 PDT 2017
Dear Eugenio,
since the master is not working and there is a plenty of documentation how a
plain geonode 2.4 should be configured even for the old authentication
mechanism I'd rather you did not claim help early for more complex features
like multi tenancy authentication as opposed to challenging yourself to solve
the easiest.
That said I'd encourage again to keep notes of everything that could be
helpful to improve our documentation for geosites and give back to the
community with pull requests.
Your project can be very useful in such a sense because what you are going to
achieve is not common so far and in case of a successful integration (I'm
quite sure of this) all the community can also further benefit.
Many thanks
Ciao
Francesco
Sent from [Nylas Pro](https://link.nylas.com/link/43o9gzlmd58gqwkxv3di3wjcc
/local-22b04220-62bf/0?redirect=https%3A%2F%2Fnylas.com%2Fnylas-
pro%3Fref%3Dn1&r=Z2Vvbm9kZS11c2Vyc0BsaXN0cy5vc2dlby5vcmc=), the most powerful
email app for work
On apr 6 2017, at 4:40 pm, Eugenio Trumpy <frippe12573 at hotmail.com> wrote:
> Unfortunately I have to come back again on this topic, that seemed to be
almost solved yesterday, because this morning I realized that in my running
configuration I cannot view any layer (i.e. in the info page I see the pink
tiles) if I'm not logged in geoserver as admin, and since the authentication
via geonode dosen't currently work fine that is a problem.
>
> This happen both from the master and from geosites.
>
> I think there still is some problem on geoserver configuration.
>
> No useful info on logs.
>
>
>
> * * *
>
> **Da:** Simone Dalmasso <simone.dalmasso at gmail.com>
**Inviato:** mercoledì 5 aprile 2017 15.39
**A:** Eugenio Trumpy
**Cc:** geonode-users at lists.osgeo.org
**Oggetto:** Re: geoserver authentication in multi-geosites
>
>
>
> Eugenio, I don't see wrong config. It is ok I guess to leave the master site
host in the gs config as well as I think it is ok that you cannot log in
directly into gs from a child site. That said, when geosites was developed,
the geoserver ext was modified to make sure that geoserver pings the same host
that made the http request for authentication instead of relying on the base
url parameter. So ideally it should work as you would expect.
>
>
>
>
>
> 2017-04-05 14:39 GMT+02:00 Eugenio Trumpy
<[frippe12573 at hotmail.com](mailto:frippe12573 at hotmail.com)>:
>
>> Hi,
>>
>>
>>
>> I'm working on geonode 2.4 in a Ubuntu server 14.04LTS (tomcat7, java8).
>>
>> I had to upgrade geoserver from 2.7.x version up to 2.9.x.
>>
>> In the system I configured geonode to work as multi-geosites.
>>
>> The master site is the normal geonode site, I mean it use the
local_setting.py I have in /geonode/geonode
>>
>> The geosites are in /geonode/geonode/contrib/geosites, and they use the
relative config files.
>>
>>
>>
>> The documentation: [https://github.com/terranodo/geosites-
project/blob/master/GEOSITES-README.md](https://github.com/terranodo/geosites-
project/blob/master/GEOSITES-
README.md&r=Z2Vvbm9kZS11c2Vyc0BsaXN0cy5vc2dlby5vcmc=)
>>
>> indicates to leave empty <baseurl> in config.xml in
security/auth/geonodeauthprovider/
>>
>> In that way I have this error:
>>
>>
>> java.lang.IllegalArgumentException: host parameter is null
>>
org.apache.commons.httpclient.HttpConnection.<init>(HttpConnection.java:206)
>>
org.apache.commons.httpclient.HttpConnection.<init>(HttpConnection.java:155)
>> org.apache.commons.httpclient.SimpleHttpConnectionManager.getConnectio
nWithTimeout(SimpleHttpConnectionManager.java:175)
>> org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMet
hodDirector.java:153)
>>
org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
>>
org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
>> org.geonode.security.HTTPClient.sendGET(HTTPClient.java:89)
>> org.geonode.security.DefaultSecurityClient.authenticate(DefaultSecurit
yClient.java:185)
>> org.geonode.security.DefaultSecurityClient.authenticateCookie(DefaultS
ecurityClient.java:116)
>> org.geonode.security.GeoNodeAuthenticationProvider.authenticate(GeoNod
eAuthenticationProvider.java:66)
>> org.geoserver.security.GeoServerAuthenticationProvider.authenticate(Ge
oServerAuthenticationProvider.java:58)
>> org.springframework.security.authentication.ProviderManager.authentica
te(ProviderManager.java:167)
>> org.geoserver.security.GeoServerSecurityManager$1.authenticate(GeoServ
erSecurityManager.java:323)
>> org.geonode.security.GeoNodeCookieProcessingFilter.doFilter(GeoNodeCoo
kieProcessingFilter.java:94)
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.d
oFilter(FilterChainProxy.java:330)
>> org.geoserver.security.filter.GeoServerCompositeFilter$NestedFilterCha
in.doFilter(GeoServerCompositeFilter.java:69)
>> org.springframework.security.web.context.SecurityContextPersistenceFil
ter.doFilter(SecurityContextPersistenceFilter.java:91)
>> org.geoserver.security.filter.GeoServerSecurityContextPersistenceFilte
r$1.doFilter(GeoServerSecurityContextPersistenceFilter.java:53)
>> org.geoserver.security.filter.GeoServerCompositeFilter$NestedFilterCha
in.doFilter(GeoServerCompositeFilter.java:73)
>> org.geoserver.security.filter.GeoServerCompositeFilter.doFilter(GeoSer
verCompositeFilter.java:92)
>> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.d
oFilter(FilterChainProxy.java:330)
>> org.springframework.security.web.FilterChainProxy.doFilterInternal(Fil
terChainProxy.java:213)
>> org.springframework.security.web.FilterChainProxy.doFilter(FilterChain
Proxy.java:176)
>> org.geoserver.security.GeoServerSecurityFilterChainProxy.doFilter(GeoS
erverSecurityFilterChainProxy.java:152)
>> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(De
legatingFilterProxy.java:346)
>> org.springframework.web.filter.DelegatingFilterProxy.doFilter(Delegati
ngFilterProxy.java:262)
>> org.geoserver.filters.LoggingFilter.doFilter(LoggingFilter.java:87)
>> org.geoserver.filters.GZIPFilter.doFilter(GZIPFilter.java:42)
>>
org.geoserver.filters.SessionDebugFilter.doFilter(SessionDebugFilter.java:48)
>>
org.geoserver.filters.FlushSafeFilter.doFilter(FlushSafeFilter.java:44)
>> org.springframework.web.filter.CharacterEncodingFilter.doFilterIntaern
al(CharacterEncodingFilter.java:121)
>> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRe
questFilter.java:107)
>>
>> both if I use the geoserver link in the menu (once logged in) and if I call
geoserver by using the geoserver url in the browser address bar.
>>
>>
>>
>> If set the doman name of the master site in <baseurl> in config.xml in
security/auth/geonodeauthprovider/
>>
>> I'm able to enter in geoserver as admin from the menu, by the way doing the
same operation from a geosite
>>
>> I got the geoserverage but not logged.
>>
>>
>>
>> The master site virtualhost as well as those of the geosites have the
proxypass and reverse pointing to [ http://localhost:8080/geoserver](http://lo
calhost:8080/geoserver&r=Z2Vvbm9kZS11c2Vyc0BsaXN0cy5vc2dlby5vcmc=)
>>
>> The same in /geonode/geonode/contrib/geosites/local_setting.py and pre-
setting.py I have [http://localhost:8080/geoserver](http://localhost:8080/geos
erver&r=Z2Vvbm9kZS11c2Vyc0BsaXN0cy5vc2dlby5vcmc=)
>>
>>
>>
>> Is there a wrong configuration?
>>
>> Any hints?
>>
>>
>>
>>
>
>
>
>
>
> \--
>
> Simone
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-users/attachments/20170406/6d83fc6d/attachment-0001.html>
More information about the geonode-users
mailing list