[GeoNode-users] Geonode & Geoserver - Secure WMS

Mon Jan 22 10:02:55 PST 2018

Hello Pascal,
currently, without further customizations, the only way to access resources
from external clients is by putting the valid OAUth2 access_token generated
by GeoNode into the OWS request URL parameters.

To retrieve this, you need to log into GeoNode, go to any layer details,
click on "Download Layer" and copy the "access_token" query parameter from
any of the generated query strings.

There are plans to make it more easy for the users to retrieve the
access_token from GeoNode in the future, but currently this is the only way
to do this.

Regards,

Alessio Fabiani

==
GeoServer Professional Services from the experts! Visit http://goo.gl/it488V
for more information.
==

Ing. Alessio Fabiani

@alfa7691
Founder/Technical Lead

GeoSolutions S.A.S.
Via di Montramito 3/A
55054  Massarosa (LU)
Italy
phone: +39 0584 962313
fax:     +39 0584 1660272
mob:   +39 331 6233686

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

-------------------------------------------------------

AVVERTENZE AI SENSI DEL D.Lgs. 196/2003

Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
loro utilizzo è consentito esclusivamente al destinatario del messaggio,
per le finalità indicate nel messaggio stesso. Qualora riceviate questo
messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
darcene notizia via e-mail e di procedere alla distruzione del messaggio
stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
utilizzarlo per finalità diverse, costituisce comportamento contrario ai
principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for
the attention and use of the named addressee(s) and may be confidential or
proprietary in nature or covered by the provisions of privacy act
(Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
Code).Any use not in accord with its purpose, any disclosure, reproduction,
copying, distribution, or either dissemination, either whole or partial, is
strictly forbidden except previous formal approval of the named
addressee(s). If you are not the intended recipient, please contact
immediately the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error. The sender
does not give any warranty or accept liability as the content, accuracy or
completeness of sent messages and accepts no responsibility  for changes
made after they were sent or for other risks which arise as a result of
e-mail transmission, viruses, etc.

2018-01-22 18:50 GMT+01:00 Pascal Coulon <Pascal.Coulon at scisys.co.uk>:

> Hello,
>
>
>
> I have a use case where I need to securely access OGC services managed by
> GeoNode, Geoserver and GeoFence. Access is required outside Geonode portal
> into third party application: desktop, other spatial web portal, etc.
>
>
>
> Geonode is used as the gateway to manage all datasets. On setting the
> permissions on a given datasets the relevant permissions are being pushed
> to GeoFence via its rest API. By default a ground data rule is set by
> default in GeoFence that prevent accessing / viewing all datasets; which
> means that then datasets would only be visible based on permissions set in
> GeoNode.
>
>
>
> The above part makes sense as long as one browses the data only in
> GeoNode. However, as soon as one wants to access the OGC end points in say
> QGIS / ArcMAP (e.g. wms, wfs) available on http://mydomain/geoserver/
> geonode/wms, you are not anymore authenticated. I have already looked
> into basic authentication; but as far as I understand it, this approach
> requires recreating the Geonode user in GeoServer.
>
>
>
> What are the options then for a desktop / third party application’s user
> to access the secure OGC end-points managed through Geonode? Which
> Geoserver authentication filter one should use?
>
>
>
> Hope this makes sense. Any thoughts or pointer would be greatly
> appreciated.
>
>
>
> Cheers,
>
>
>
> Pascal
>
> <http://gfidisc.scisys.co.uk>
>
>
> SCISYS UK Limited. Registered in England and Wales No. 4373530.
> Registered Office: Methuen Park, Chippenham, Wiltshire SN14 0GB, UK.
>
> Before printing, please think about the environment.
>
> <http://gfidisc.scisys.co.uk>
>
> _______________________________________________
> geonode-users mailing list
> geonode-users at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/geonode-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-users/attachments/20180122/bfbeafaa/attachment-0001.html>