[GeoNode-devel] Geoserver retains old admin passwords

Alessio Fabiani alessio.fabiani at geo-solutions.it
Tue Nov 15 01:11:42 PST 2016

Hello Jonathan,
GeoServer makes use of two different Authentication types: Basic Auth (used
by the backend for the import operations and changes to the catalog),
GeoNode-Cookies Auth (used to provide access to the GeoServer resources to
the GeoNode users).

In order to change the GeoServer Basic Auth admin password, you must login
into the GeoServer page using an admin user, go to Security > User, Roles,
... and manually update the admin user password.

Best Regards,
Alessio Fabiani.

GeoServer Professional Services from the experts!
Visit http://goo.gl/it488V for more information.

Ing. Alessio Fabiani
Founder/Technical Lead

GeoSolutions S.A.S.
Via di Montramito 3/A
55054  Massarosa (LU)
phone: +39 0584 962313
fax:     +39 0584 1660272
mob:   +39 331 6233686




Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
loro utilizzo è consentito esclusivamente al destinatario del messaggio,
per le finalità indicate nel messaggio stesso. Qualora riceviate questo
messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
darcene notizia via e-mail e di procedere alla distruzione del messaggio
stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
utilizzarlo per finalità diverse, costituisce comportamento contrario ai
principi dettati dal D.Lgs. 196/2003.

The information in this message and/or attachments, is intended solely for
the attention and use of the named addressee(s) and may be confidential or
proprietary in nature or covered by the provisions of privacy act
(Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
Code).Any use not in accord with its purpose, any disclosure, reproduction,
copying, distribution, or either dissemination, either whole or partial, is
strictly forbidden except previous formal approval of the named
addressee(s). If you are not the intended recipient, please contact
immediately the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error. The sender
does not give any warranty or accept liability as the content, accuracy or
completeness of sent messages and accepts no responsibility  for changes
made after they were sent or for other risks which arise as a result of
e-mail transmission, viruses, etc.


On Tue, Nov 15, 2016 at 8:24 AM, Jonathan Doig <j.doig at unsw.edu.au> wrote:

> Hi all
> My Geoserver, inside Geonode 2.4 on Ubuntu 16.04, won’t let go of old
> admin passwords.
> I used manage.py createsuperuser to set the Geonode admin password when I
> did my manual install. Pretty sure that password then worked for logging
> into Geoserver as admin also.
> I’ve since changed the Geoserver admin password through the UI, twice, and
> also done so by calling manage.py changepassword directly and from ansible.
> In total I’ve used 2 new passwords. Both passwords, and the original one
> ‘geoserver’, now work when logging in as admin. Other random passwords do
> not.
> It’s not entirely clear but this may be the behaviour reported back in
> September in this post:
> http://osgeo-org.1560.x6.nabble.com/Geo-server-Admin-
> Password-td5286411.html
> Jonathan
> _______________________________________________
> geonode-devel mailing list
> geonode-devel at lists.osgeo.org
> http://lists.osgeo.org/mailman/listinfo/geonode-devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-devel/attachments/20161115/005a3405/attachment.html>

More information about the geonode-devel mailing list