[GeoNode-devel] geonode REST role service - Adminstrator role dropdown empty
Alessio Fabiani
alessio.fabiani at geo-solutions.it
Tue Jan 9 06:32:08 PST 2018
Hello,
actually the best thing you can do without too much effort and/or any
customization, is to retrieve the valid "access_token" from any Layer link,
once authenticated to GeoNode, and attach it to the getcapabilities URL as
a query param.
1)
[image: Immagine incorporata 1]
2) get the *access_token=... *from the klink
3) attach it to the request
*http://localhost/geoserver/geonode/wms?request=getcapabilities&access_token=123456667
<http://localhost/geoserver/geonode/wms?request=getcapabilities&access_token=123456667>*
Regards,
Alessio Fabiani
==
GeoServer Professional Services from the experts! Visit http://goo.gl/it488V
for more information.
==
Ing. Alessio Fabiani
@alfa7691
Founder/Technical Lead
GeoSolutions S.A.S.
Via di Montramito 3/A
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 331 6233686
http://www.geo-solutions.it
http://twitter.com/geosolutions_it
-------------------------------------------------------
AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
loro utilizzo è consentito esclusivamente al destinatario del messaggio,
per le finalità indicate nel messaggio stesso. Qualora riceviate questo
messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
darcene notizia via e-mail e di procedere alla distruzione del messaggio
stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
utilizzarlo per finalità diverse, costituisce comportamento contrario ai
principi dettati dal D.Lgs. 196/2003.
The information in this message and/or attachments, is intended solely for
the attention and use of the named addressee(s) and may be confidential or
proprietary in nature or covered by the provisions of privacy act
(Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
Code).Any use not in accord with its purpose, any disclosure, reproduction,
copying, distribution, or either dissemination, either whole or partial, is
strictly forbidden except previous formal approval of the named
addressee(s). If you are not the intended recipient, please contact
immediately the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error. The sender
does not give any warranty or accept liability as the content, accuracy or
completeness of sent messages and accepts no responsibility for changes
made after they were sent or for other risks which arise as a result of
e-mail transmission, viruses, etc.
2018-01-08 17:15 GMT+01:00 Peter Marlow <Peter.Marlow at scisys.co.uk>:
> Thanks for the reply Alessio. Are you able to shed some light on a similar
> post I’ve created regarding the oauth2 config here
> http://osgeo-org.1560.x6.nabble.com/oauth2-Issue-managing-layer-access-
> td5348371.html ?
>
>
>
> Thanks,
>
> Pete
>
>
>
> *From:* Alessio Fabiani [mailto:alessio.fabiani at geo-solutions.it]
> *Sent:* 08 January 2018 12:11
> *To:* Peter Marlow
> *Cc:* Alessio Fabiani; geonode-devel at lists.osgeo.org
> *Subject:* Re: [GeoNode-devel] geonode REST role service - Adminstrator
> role dropdown empty
>
>
>
> Very interesting,
>
> thanks Peter. Yes your findings need to be tackled down on GeoNode core
> too.
>
>
> Regards,
>
> Alessio Fabiani
>
> ==
> GeoServer Professional Services from the experts! Visit
> http://goo.gl/it488V for more information.
> ==
>
> Ing. Alessio Fabiani
>
> @alfa7691
> Founder/Technical Lead
>
>
> GeoSolutions S.A.S.
> Via di Montramito 3/A
> <https://maps.google.com/?q=Via+di+Montramito+3/A+%0D+55054+%C2%A0Massarosa&entry=gmail&source=g>
> 55054 Massarosa
> <https://maps.google.com/?q=Via+di+Montramito+3/A+%0D+55054+%C2%A0Massarosa&entry=gmail&source=g>
> (LU)
> Italy
> phone: +39 0584 962313 <0584%20962313>
> fax: +39 0584 1660272 <0584%20166%200272>
> mob: +39 331 6233686 <331%20623%203686>
>
> http://www.geo-solutions.it
> http://twitter.com/geosolutions_it
>
> -------------------------------------------------------
>
> AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
>
> Le informazioni contenute in questo messaggio di posta elettronica e/o
> nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
> loro utilizzo è consentito esclusivamente al destinatario del messaggio,
> per le finalità indicate nel messaggio stesso. Qualora riceviate questo
> messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
> darcene notizia via e-mail e di procedere alla distruzione del messaggio
> stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
> divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
> utilizzarlo per finalità diverse, costituisce comportamento contrario ai
> principi dettati dal D.Lgs. 196/2003.
>
> The information in this message and/or attachments, is intended solely for
> the attention and use of the named addressee(s) and may be confidential or
> proprietary in nature or covered by the provisions of privacy act
> (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
> Code).Any use not in accord with its purpose, any disclosure, reproduction,
> copying, distribution, or either dissemination, either whole or partial, is
> strictly forbidden except previous formal approval of the named
> addressee(s). If you are not the intended recipient, please contact
> immediately the sender by telephone, fax or e-mail and delete the
> information in this message that has been received in error. The sender
> does not give any warranty or accept liability as the content, accuracy or
> completeness of sent messages and accepts no responsibility for changes
> made after they were sent or for other risks which arise as a result of
> e-mail transmission, viruses, etc.
>
>
>
> 2018-01-02 18:07 GMT+01:00 Peter Marlow <Peter.Marlow at scisys.co.uk>:
>
> I think I’ve partially resolved this issue.
>
>
>
> The problem was because I had configured my GeoNode instance as locked
> down, i.e.
>
>
>
>
>
> LOCKDOWN_GEONODE = True
>
> if LOCKDOWN_GEONODE:
>
> MIDDLEWARE_CLASSES = MIDDLEWARE_CLASSES + \
>
> ('geonode.security.middleware.LoginRequiredMiddleware',)
>
>
>
>
>
>
>
> And the default list of AUTH_EXEMPT_URLS isn’t sufficient – I’ve had to
> add ‘/o/*’ to the list so it becomes:
>
>
>
>
>
> AUTH_EXEMPT_URLS = ('/api/o/*', '/api/roles', '/api/adminRole',
> '/api/users', '/o/*')
>
>
>
>
>
>
>
> So now the GeoNode login button within GeoServer works and the dropdowns
> are populated with ROLE_ADMIN for the *geonode REST role service*.
>
>
>
> Is the above a bug? It feels like it to me.
>
>
>
>
>
>
>
> The follow on issue I’ve not encountered is that I’ve configured a WMS
> layer to be accessible to a specific geonode user via the geonode GUI, I’ve
> also checked that the correct rule has been subsequently generated in
> geofence, however when I attempt to access the getCapabilities for the WMS
> (using QGIS) as the specific geonode user using basic authentication I get
> a security error. Is there something else I need to configure to get this
> to work? My expectation was that geoserver would validate the given
> username/password against geonode (using the REST service) and determine
> that the user is a valid geonode user and has access to the WMS layer in
> question?
>
>
>
>
>
> *From:* Alessio Fabiani [mailto:alessio.fabiani at geo-solutionsit
> <alessio.fabiani at geo-solutions.it>]
> *Sent:* 20 December 2017 17:16
> *To:* Peter Marlow
> *Cc:* Alessio Fabiani; geonode-devel at lists.osgeo.org
> *Subject:* Re: [GeoNode-devel] geonode REST role service - Adminstrator
> role dropdown empty
>
>
>
> It seems to me that is more a GeoNode issue than a GeoServer one.
>
>
>
> 404 error means that that endpoint cannot be found.
>
>
>
> However you should use GeoServer + OAUth2 from at least GeoNode 2.6.3 and
> above. For the previous versions better to use this version of GeoServer
> (old A&A system)
>
>
>
> http://build.geonode.org/geoserver/latest/geoserver-2.9.x.war
>
>
>
>
>
>
> Regards,
>
> Alessio Fabiani
>
> ==
> GeoServer Professional Services from the experts! Visit
> http://goo.gl/it488V for more information.
> ==
>
> Ing. Alessio Fabiani
>
> @alfa7691
> Founder/Technical Lead
>
>
> GeoSolutions S.A.S.
> Via di Montramito 3/A
> <https://maps.google.com/?q=Via+di+Montramito+3/A+%0D+55054+%C2%A0Massarosa&entry=gmail&source=g>
> 55054 Massarosa
> <https://maps.google.com/?q=Via+di+Montramito+3/A+%0D+55054+%C2%A0Massarosa&entry=gmail&source=g>
> (LU)
> Italy
> phone: +39 0584 962313 <0584%20962313>
> fax: +39 0584 1660272 <0584%20166%200272>
> mob: +39 331 6233686 <331%20623%203686>
>
> http://www.geo-solutions.it
> http://twitter.com/geosolutions_it
>
> -------------------------------------------------------
>
> AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
>
> Le informazioni contenute in questo messaggio di posta elettronica e/o
> nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
> loro utilizzo è consentito esclusivamente al destinatario del messaggio,
> per le finalità indicate nel messaggio stesso. Qualora riceviate questo
> messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
> darcene notizia via e-mail e di procedere alla distruzione del messaggio
> stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
> divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
> utilizzarlo per finalità diverse, costituisce comportamento contrario ai
> principi dettati dal D.Lgs. 196/2003.
>
> The information in this message and/or attachments, is intended solely for
> the attention and use of the named addressee(s) and may be confidential or
> proprietary in nature or covered by the provisions of privacy act
> (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
> Code).Any use not in accord with its purpose, any disclosure, reproduction,
> copying, distribution, or either dissemination, either whole or partial, is
> strictly forbidden except previous formal approval of the named
> addressee(s). If you are not the intended recipient, please contact
> immediately the sender by telephone, fax or e-mail and delete the
> information in this message that has been received in error. The sender
> does not give any warranty or accept liability as the content, accuracy or
> completeness of sent messages and accepts no responsibility for changes
> made after they were sent or for other risks which arise as a result of
> e-mail transmission, viruses, etc.
>
>
>
> On Wed, Dec 20, 2017 at 5:25 PM, Peter Marlow <Peter.Marlow at scisys.co.uk>
> wrote:
>
> I’ve tried with the 2.9 version of geoserver using the default data
> directory and tweaked the urls from localhost:8000 to just localhost for
> the oauth config but I get the same problem. Which leads me to believe it
> is an issue with GeoNode. I thought maybe I should remove my override of
> the SITEURL parameter in settings.py which set it to http://localhost/ so
> that it uses the default SITEURL parameter of http://localhost:8000/,
> however I’ve done this and restarted apache but doing a *curl -X GET
> "http://localhost:8000/api/roles <http://localhost:8000/api/roles>"*
> still returns a 404 so I’m not sure why geonode has not fallen back to the
> default URL…
>
>
>
> I’m currently out of ideas on what to try next…
>
>
>
> Is there anywhere that states which versions of geonode/geoserver are
> compatible? Or known to work regarding the oauth setup that I’m trying to
> get working at the moment?
>
>
>
> Thanks,
>
> Pete
>
>
>
> *From:* Alessio Fabiani [mailto:alessio.fabiani at geo-solutionsit
> <alessio.fabiani at geo-solutions.it>]
>
> *Sent:* 20 December 2017 14:02
>
>
> *To:* Peter Marlow
> *Cc:* Alessio Fabiani; geonode-devel at lists.osgeo.org
> *Subject:* Re: [GeoNode-devel] geonode REST role service - Adminstrator
> role dropdown empty
>
>
>
> Nope it is not correct, you should be redirected to the GeoNode login page
> instead of the GeoServer one and once the GeoNode login is successfull it
> will redirect you back to GeoServer automatically.
>
>
> Regards,
>
> Alessio Fabiani
>
> ==
> GeoServer Professional Services from the experts! Visit
> http://goo.gl/it488V for more information.
> ==
>
> Ing. Alessio Fabiani
>
> @alfa7691
> Founder/Technical Lead
>
>
> GeoSolutions S.A.S.
> Via di Montramito 3/A
> <https://maps.google.com/?q=Via+di+Montramito+3/A+%0D+55054+%C2%A0Massarosa&entry=gmail&source=g>
> 55054 Massarosa
> <https://maps.google.com/?q=Via+di+Montramito+3/A+%0D+55054+%C2%A0Massarosa&entry=gmail&source=g>
> (LU)
> Italy
> phone: +39 0584 962313 <0584%20962313>
> fax: +39 0584 1660272 <0584%20166%200272>
> mob: +39 331 6233686 <331%20623%203686>
>
> http://www.geo-solutions.it
> http://twitter.com/geosolutions_it
>
> -------------------------------------------------------
>
> AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
>
> Le informazioni contenute in questo messaggio di posta elettronica e/o
> nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
> loro utilizzo è consentito esclusivamente al destinatario del messaggio,
> per le finalità indicate nel messaggio stesso. Qualora riceviate questo
> messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
> darcene notizia via e-mail e di procedere alla distruzione del messaggio
> stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
> divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
> utilizzarlo per finalità diverse, costituisce comportamento contrario ai
> principi dettati dal D.Lgs. 196/2003.
>
> The information in this message and/or attachments, is intended solely for
> the attention and use of the named addressee(s) and may be confidential or
> proprietary in nature or covered by the provisions of privacy act
> (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
> Code).Any use not in accord with its purpose, any disclosure, reproduction,
> copying, distribution, or either dissemination, either whole or partial, is
> strictly forbidden except previous formal approval of the named
> addressee(s). If you are not the intended recipient, please contact
> immediately the sender by telephone, fax or e-mail and delete the
> information in this message that has been received in error. The sender
> does not give any warranty or accept liability as the content, accuracy or
> completeness of sent messages and accepts no responsibility for changes
> made after they were sent or for other risks which arise as a result of
> e-mail transmission, viruses, etc.
>
>
>
> On Wed, Dec 20, 2017 at 2:42 PM, Peter Marlow <Peter.Marlow at scisys.co.uk>
> wrote:
>
> The geoserver WAR is being retrieved from here: http://build.geonode.org/
> geoserver/latest/geoserver-2.12.x.war
>
>
>
> I’ve found the geonode button in geoserver – when I select it I get a page
> saying authorise geoserver, when I click ‘Authorize’ I’m just taken back to
> the geoserver login page with a ‘code’ parameter passed in the URI, is that
> correct? Or should that have taken me to geonode? I’ve viewed the dropdown
> lists after using this authorize button but they are still empty.
>
>
>
> I’ll try using GeoServer 2.9 as you suggest, thanks for your help so far
> Alessio.
>
>
>
> Thanks,
>
> Pete
>
>
>
> *From:* Alessio Fabiani [mailto:alessio.fabiani at geo-solutions.it]
> *Sent:* 20 December 2017 12:17
> *To:* Peter Marlow
> *Cc:* Alessio Fabiani; geonode-devel at lists.osgeo.org
> *Subject:* Re: [GeoNode-devel] geonode REST role service - Adminstrator
> role dropdown empty
>
>
>
> Mmm, yes the configuration looks ok.
>
>
>
> The button appears if you logout from GeoServer (at least it should
> appear).
>
>
>
> Sorry, don't remember if I already asked, where did you get the geoserver
> WAR and it's default DATA DIR?
>
>
>
> However I never tested GeoServer 2.12.x with GeoNode 2.6.3.
>
>
>
> Maybe you can try to go back to GeoServer 2.9 from here
>
>
>
> http://build.geonode.org/geoserver/latest/
>
>
>
>
>
>
>
>
> Regards,
>
> Alessio Fabiani
>
> ==
> GeoServer Professional Services from the experts! Visit
> http://goo.gl/it488V for more information.
> ==
>
> Ing. Alessio Fabiani
>
> @alfa7691
> Founder/Technical Lead
>
>
> GeoSolutions S.A.S.
> Via di Montramito 3/A
> <https://maps.google.com/?q=Via+di+Montramito+3/A+%0D+55054+%C2%A0Massarosa&entry=gmail&source=g>
> 55054 Massarosa
> <https://maps.google.com/?q=Via+di+Montramito+3/A+%0D+55054+%C2%A0Massarosa&entry=gmail&source=g>
> (LU)
> Italy
> phone: +39 0584 962313 <0584%20962313>
> fax: +39 0584 1660272 <0584%20166%200272>
> mob: +39 331 6233686 <331%20623%203686>
>
> http://www.geo-solutions.it
> http://twitter.com/geosolutions_it
>
> -------------------------------------------------------
>
> AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
>
> Le informazioni contenute in questo messaggio di posta elettronica e/o
> nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
> loro utilizzo è consentito esclusivamente al destinatario del messaggio,
> per le finalità indicate nel messaggio stesso. Qualora riceviate questo
> messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
> darcene notizia via e-mail e di procedere alla distruzione del messaggio
> stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
> divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
> utilizzarlo per finalità diverse, costituisce comportamento contrario ai
> principi dettati dal D.Lgs. 196/2003.
>
> The information in this message and/or attachments, is intended solely for
> the attention and use of the named addressee(s) and may be confidential or
> proprietary in nature or covered by the provisions of privacy act
> (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
> Code).Any use not in accord with its purpose, any disclosure, reproduction,
> copying, distribution, or either dissemination, either whole or partial, is
> strictly forbidden except previous formal approval of the named
> addressee(s). If you are not the intended recipient, please contact
> immediately the sender by telephone, fax or e-mail and delete the
> information in this message that has been received in error. The sender
> does not give any warranty or accept liability as the content, accuracy or
> completeness of sent messages and accepts no responsibility for changes
> made after they were sent or for other risks which arise as a result of
> e-mail transmission, viruses, etc.
>
>
>
> On Wed, Dec 20, 2017 at 1:02 PM, Peter Marlow <Peter.Marlow at scisys.co.uk>
> wrote:
>
> GeoServer is present at http://localhost:8080/geoserver but can also be
> accessed via http://localhost/geoserver
>
>
>
> This my geonode config:
>
>
>
>
>
> This is my geoserver config:
>
>
>
> That all looks to be correct to me…?
>
>
>
> I can’t see any button within GeoServer that logs me into GeoNode,
> whereabouts should I see this button?
>
>
>
> Thanks,
>
> Pete
>
>
>
> *From:* Alessio Fabiani [mailto:alessio.fabiani at geo-solutionsit
> <alessio.fabiani at geo-solutions.it>]
>
> *Sent:* 20 December 2017 11:37
> *To:* Peter Marlow
> *Cc:* Alessio Fabiani; geonode-devel at lists.osgeo.org
> *Subject:* Re: [GeoNode-devel] geonode REST role service - Adminstrator
> role dropdown empty
>
>
>
> Where GeoServer is exposed?
>
>
>
> http://localhost/geoserver/ ? Or something else?
>
>
>
> Make sure you have all the redirect uris configured on GeoNode Admin
>
>
>
> [image: Inline image 1]
>
>
>
> And also on GeoServer geonode-oauth2 plugin make sure all the addresses
> point to the goenode base (in your case should be http://localhost
> instead of http://localhost:8000) except for the redirect uri which must
> be the GeoServer endpoint.
>
>
>
>
>
> However if you can login by clicking the geonode button on GeoServer GUI,
> the configuration is good.
>
>
>
>
>
>
> Regards,
>
> Alessio Fabiani
>
> ==
> GeoServer Professional Services from the experts! Visit
> http://goo.gl/it488V for more information.
> ==
>
> Ing. Alessio Fabiani
>
> @alfa7691
> Founder/Technical Lead
>
>
> GeoSolutions SA.S.
>
>
> Via di Montramito 3/A
> <https://maps.google.com/?q=Via+di+Montramito+3/A+%0D+55054+%C2%A0Massarosa&entry=gmail&source=g>
> 55054 Massarosa
> <https://maps.google.com/?q=Via+di+Montramito+3/A+%0D+55054+%C2%A0Massarosa&entry=gmail&source=g>
> (LU)
> Italy
> phone: +39 0584 962313 <0584%20962313>
> fax: +39 0584 1660272 <0584%20166%200272>
> mob: +39 331 6233686 <331%20623%203686>
>
> http://www.geo-solutions.it
> http://twitter.com/geosolutions_it <http://twittercom/geosolutions_it>
>
> -------------------------------------------------------
>
> AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
>
> Le informazioni contenute in questo messaggio di posta elettronica e/o
> nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
> loro utilizzo è consentito esclusivamente al destinatario del messaggio,
> per le finalità indicate nel messaggio stesso. Qualora riceviate questo
> messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
> darcene notizia via e-mail e di procedere alla distruzione del messaggio
> stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
> divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
> utilizzarlo per finalità diverse, costituisce comportamento contrario ai
> principi dettati dal D.Lgs. 196/2003.
>
> The information in this message and/or attachments, is intended solely for
> the attention and use of the named addressee(s) and may be confidential or
> proprietary in nature or covered by the provisions of privacy act
> (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
> Code).Any use not in accord with its purpose, any disclosure, reproduction,
> copying, distribution, or either dissemination, either whole or partial, is
> strictly forbidden except previous formal approval of the named
> addressee(s). If you are not the intended recipient, please contact
> immediately the sender by telephone, fax or e-mail and delete the
> information in this message that has been received in error. The sender
> does not give any warranty or accept liability as the content, accuracy or
> completeness of sent messages and accepts no responsibility for changes
> made after they were sent or for other risks which arise as a result of
> e-mail transmission, viruses, etc.
>
>
>
> On Wed, Dec 20, 2017 at 12:15 PM, Peter Marlow <Peter.Marlow at scisys.co.uk>
> wrote:
>
> I’ve restarted Apache and Tomcat.
>
>
>
> I’ve taken a tcpdump to see the connections going from geoserver to geonode
>
>
>
> 10:55:53.913021 IP localhost.55298 > localhost.http: Flags [P.], seq
> 206:432, ack 361, win 350, options [nop,nop,TS val 10620058 ecr 10620058],
> length 226: HTTP: GET /account/login/?next=/api/roles HTTP/1.1
>
> 10:55:53.951452 IP localhost.http > localhost.55298: Flags [.], ack 432,
> win 359, options [nop,nop,TS val 10620068 ecr 10620058], length 0
>
> 10:55:54.004726 IP localhost.http > localhost.55298: Flags [P.], seq
> 361:5375, ack 432, win 359, options [nop,nop,TS val 10620081 ecr 10620058],
> length 5014: HTTP: HTTP/1.1 200 OK
>
> 10:55:54.004807 IP localhost.55298 > localhost.http: Flags [.], ack 5375,
> win 1373, options [nop,nop,TS val 10620081 ecr 10620081], length 0
>
> 10:55:54.007690 IP localhost.55298 > localhost.http: Flags [P.], seq
> 432:637, ack 5375, win 1373, options [nop,nop,TS val 10620082 ecr
> 10620081], length 205: HTTP: GET /api/roles HTTP/1.1
>
> 10:55:54.007699 IP localhost.http > localhost.55298: Flags [.], ack 637,
> win 367, options [nop,nop,TS val 10620082 ecr 10620082], length 0
>
> 10:55:54.012633 IP localhost.http > localhost.55298: Flags [P.], seq
> 5375:5734, ack 637, win 367, options [nop,nop,TS val 10620083 ecr
> 10620082], length 359: HTTP: HTTP/1.1 302 FOUND
>
> 10:55:54.013317 IP localhost.55298 > localhost.http: Flags [P.], seq
> 637:863, ack 5734, win 1452, options [nop,nop,TS val 10620083 ecr
> 10620083], length 226: HTTP: GET /account/login/?next=/api/roles HTTP/1.1
>
>
>
> It looks like it is calling out to geonode ok but is being redirected to
> the login page…? Suggests the authentication between geoserver and geonode
> is incorrect.
>
>
>
> I’ve setup the Client ID and Client Secret within GeoNode and GeoServer as
> described in the tutorial though - http://docs.geonode.org/en/
> master/tutorials/admin/geoserver_geonode_security/
>
>
>
> Are there any other checks I can perform to determine whether geoserver is
> passing the correct security details to geonode?
>
>
>
> Thanks,
>
> Pete
>
>
>
> *From:* Alessio Fabiani [mailto:alessio.fabiani at geo-solutionsit
> <alessio.fabiani at geo-solutions.it>]
>
> *Sent:* 20 December 2017 10:37
> *To:* Peter Marlow
> *Cc:* Alessio Fabiani; geonode-devel at lists.osgeo.org
> *Subject:* Re: [GeoNode-devel] geonode REST role service - Adminstrator
> role dropdown empty
>
>
>
> Nope the geonode address is not a problem, you can use whatever is
> accessible.
>
>
>
> Did you also restarted GeoServer / Tomcat ?
>
>
> Regards,
>
> Alessio Fabiani
>
> ==
> GeoServer Professional Services from the experts! Visit
> http://goo.gl/it488V for more information.
> ==
>
> Ing. Alessio Fabiani
>
> @alfa7691
> Founder/Technical Lead
>
>
> GeoSolutions S.A.S.
> Via di Montramito 3/A
> <https://maps.google.com/?q=Via+di+Montramito+3/A+%0D+55054+%C2%A0Massarosa&entry=gmail&source=g>
> 55054 Massarosa
> <https://maps.google.com/?q=Via+di+Montramito+3/A+%0D+55054+%C2%A0Massarosa&entry=gmail&source=g>
> (LU)
> Italy
> phone: +39 0584 962313 <0584%20962313>
> fax: +39 0584 1660272 <0584%20166%200272>
> mob: +39 331 6233686 <331%20623%203686>
>
> http://www.geo-solutions.it
> http://twitter.com/geosolutions_it
>
> -------------------------------------------------------
>
> AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
>
> Le informazioni contenute in questo messaggio di posta elettronica e/o
> nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
> loro utilizzo è consentito esclusivamente al destinatario del messaggio,
> per le finalità indicate nel messaggio stesso. Qualora riceviate questo
> messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
> darcene notizia via e-mail e di procedere alla distruzione del messaggio
> stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
> divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
> utilizzarlo per finalità diverse, costituisce comportamento contrario ai
> principi dettati dal D.Lgs. 196/2003.
>
> The information in this message and/or attachments, is intended solely for
> the attention and use of the named addressee(s) and may be confidential or
> proprietary in nature or covered by the provisions of privacy act
> (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
> Code).Any use not in accord with its purpose, any disclosure, reproduction,
> copying, distribution, or either dissemination, either whole or partial, is
> strictly forbidden except previous formal approval of the named
> addressee(s). If you are not the intended recipient, please contact
> immediately the sender by telephone, fax or e-mail and delete the
> information in this message that has been received in error. The sender
> does not give any warranty or accept liability as the content, accuracy or
> completeness of sent messages and accepts no responsibility for changes
> made after they were sent or for other risks which arise as a result of
> e-mail transmission, viruses, etc.
>
>
>
> On Wed, Dec 20, 2017 at 11:32 AM, Peter Marlow <Peter.Marlow at scisys.co.uk>
> wrote:
>
> Hi Alessio,
>
>
>
> Thanks for the reply!
>
>
>
> It looks like the /api endpoint on my geonode is accessible at
> http://localhost/ and not at http://localhost:8000/. Is this a problem?
>
>
>
> I’ve configured the base URL of the Role Service to be just
> http://localhost/ but I still don’t see the ROLE_ADMIN user in the
> dropdowns.
>
>
>
> GeoNode has a superuser configured with the username ‘admin’, it doesn’t
> have any groups though, do I need to create a group?
>
>
>
> If I open up port 8000 in my apache2 config how would I go about changing
> the GeoNode api to be on port 8000? (is that actually necessary?)
>
>
>
> Thanks,
>
> Pete
>
>
>
> *From:* Alessio Fabiani [mailto:alessio.fabiani at geo-solutionsit
> <alessio.fabiani at geo-solutions.it>]
>
> *Sent:* 20 December 2017 09:18
> *To:* Peter Marlow
> *Cc:* geonode-devel at lists.osgeo.org
> *Subject:* Re: [GeoNode-devel] geonode REST role service - Adminstrator
> role dropdown empty
>
>
>
> Hi,
>
> the roles are taken from GeoNode.
>
>
>
> You need to be sure that:
>
>
>
> 1. GeoServer can reach GeoNode
>
> 2. the base url of the role service is correctly pointing to GeoNode
>
> 3. GeoNode has either an admin user configured and groups
>
>
>
> If still not working you can try to do some curl requests to GeoNode and
> see if it is correctly responding.
>
>
>
> curl -X GET "http://localhost:8000/api/roles"
>
>
>
>
>
>
> Regards,
>
> Alessio Fabiani
>
> ==
> GeoServer Professional Services from the experts! Visit
> http://goo.gl/it488V for more information.
> ==
>
> Ing. Alessio Fabiani
>
> @alfa7691
> Founder/Technical Lead
>
>
> GeoSolutions S.A.S.
> Via di Montramito 3/A
> <https://maps.google.com/?q=Via+di+Montramito+3/A+%0D+55054+%C2%A0Massarosa&entry=gmail&source=g>
> 55054 Massarosa
> <https://maps.google.com/?q=Via+di+Montramito+3/A+%0D+55054+%C2%A0Massarosa&entry=gmail&source=g>
> (LU)
> Italy
> phone: +39 0584 962313 <0584%20962313>
> fax: +39 0584 1660272 <0584%20166%200272>
> mob: +39 331 6233686 <331%20623%203686>
>
> http://www.geo-solutions.it
> http://twitter.com/geosolutions_it
>
> -------------------------------------------------------
>
> AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
>
> Le informazioni contenute in questo messaggio di posta elettronica e/o
> nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
> loro utilizzo è consentito esclusivamente al destinatario del messaggio,
> per le finalità indicate nel messaggio stesso. Qualora riceviate questo
> messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
> darcene notizia via e-mail e di procedere alla distruzione del messaggio
> stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
> divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
> utilizzarlo per finalità diverse, costituisce comportamento contrario ai
> principi dettati dal D.Lgs. 196/2003.
>
> The information in this message and/or attachments, is intended solely for
> the attention and use of the named addressee(s) and may be confidential or
> proprietary in nature or covered by the provisions of privacy act
> (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
> Code).Any use not in accord with its purpose, any disclosure, reproduction,
> copying, distribution, or either dissemination, either whole or partial, is
> strictly forbidden except previous formal approval of the named
> addressee(s). If you are not the intended recipient, please contact
> immediately the sender by telephone, fax or e-mail and delete the
> information in this message that has been received in error. The sender
> does not give any warranty or accept liability as the content, accuracy or
> completeness of sent messages and accepts no responsibility for changes
> made after they were sent or for other risks which arise as a result of
> e-mail transmission, viruses, etc.
>
>
>
> On Tue, Dec 19, 2017 at 6:14 PM, Peter Marlow <Peter.Marlow at scisys.co.uk>
> wrote:
>
> Hi all,
>
>
>
> I’m configuring geonode/geoserver security using the tutorial here -
> http://docs.geonode.org/en/master/tutorials/admin/
> geoserver_geonode_security/
>
>
>
> The problem I have is that when I create the ‘geonode REST role service’
> both the ‘Administrator role’ and ‘Group administrator role’ dropdowns are
> empty – the tutorial suggests they should contain the value ROLE_ADMIN.
>
>
>
> Any ideas where this ROLE_ADMIN should be configured in order to make it
> available in the dropdowns?
>
>
>
> GEOSERVER VERSION – 2.12-SNAPSHOT
>
> GEONODE VERSION – 2.6.3
>
>
>
> Thanks,
> Pete
>
>
>
>
>
> SCISYS UK Limited. Registered in England and Wales No. 4373530.
>
> Registered Office: Methuen Park, Chippenham, Wiltshire SN14 0GB, UK.
>
>
>
> Before printing, please think about the environment.
>
>
> _______________________________________________
> geonode-devel mailing list
> geonode-devel at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/geonode-devel
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-devel/attachments/20180109/d8752a38/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 29479 bytes
Desc: not available
URL: <http://lists.osgeo.org/pipermail/geonode-devel/attachments/20180109/d8752a38/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 18449 bytes
Desc: not available
URL: <http://lists.osgeo.org/pipermail/geonode-devel/attachments/20180109/d8752a38/attachment-0005.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 24584 bytes
Desc: not available
URL: <http://lists.osgeo.org/pipermail/geonode-devel/attachments/20180109/d8752a38/attachment-0006.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 20690 bytes
Desc: not available
URL: <http://lists.osgeo.org/pipermail/geonode-devel/attachments/20180109/d8752a38/attachment-0007.png>
More information about the geonode-devel
mailing list