[GeoNode-devel] GeoNode 4.0.0rc0 + Keycloak

Giovanni Allegri giovanni.allegri at geosolutionsgroup.com
Wed May 25 02:32:25 PDT 2022 

We also notice that some changes introduced in the latest versions of
django-allauth has some small changes that require adapting something in
the integration with GeoNode.

django-allauth 0.44.0 is two years old. Several fixes have been introduced
meanwhile, including security improvements.
We would prefer to figure out and solve the problems rather than reverting
it inside GeoNode.

For example, in our case, the problematic configuration
was SOCIALACCOUNT_LOGIN_ON_GET, which is False by default. Recent versions
of django-allauth require a POST request to initiate the login flow, and it
was causing some problems to us.

Were you able to spot what was causing the problem with Keycloak?

Giovanni

On Wed, May 25, 2022 at 10:44 AM Pattara Kiatisevi <pattara at longdo.com>
wrote:

> Changing back to django-allauth 0.44.0 seems to solve the problem at the
> moment.
>
> $ git diff requirements.txt
> diff --git a/requirements.txt b/requirements.txt
> index 50c578230..be55ef0e8 100644
> --- a/requirements.txt
> +++ b/requirements.txt
> @@ -27,7 +27,8 @@ rdflib==6.1.1
>  smart_open==6.0.0
>
>  # Django Apps
> -django-allauth==0.50.0
> +#django-allauth==0.50.0
> +django-allauth==0.44.0
>  django-appconf==1.0.5
>  django-celery-results==2.3.1
>  django-filter==21.1
>
> Cheers,
> Pattara
>
> On Fri, May 6, 2022 at 7:32 PM Giovanni Allegri <
> giovanni.allegri at geosolutionsgroup.com> wrote:
>
>> Thanks for reporting this Pattara.
>>
>> We have used Keyclok in several contexts in the past but we haven't had
>> the chance to test it with GN 4 yet.
>> Would you kindly open an issue on the GeoNode repo to keep track of it?
>>
>> Best,
>> Giovanni
>>
>> On Thu, May 5, 2022 at 12:03 PM Pattara Kiatisevi <pattara at longdo.com>
>> wrote:
>>
>>> Hi,
>>>
>>> We used to set up a GeoNode 3.3x + Keycloak site according to
>>> https://gist.github.com/t-book/0fb30804e217bdeb064dd91b5041fbc9 and
>>> things worked well.
>>>
>>> Now as we are trying GeoNode 4.0.0rc0, following the same steps. But
>>> when clicking at the "Sign in with Keycloak" link (which is something like
>>> https://<keycloak-hostname>/account/keycloak/login/?process=login&next=%2F
>>> ), it doesn't redirect the user to the Keycloak site, but instead got stuck
>>> at geonode.
>>>
>>> When checking that URL, we found that if the request is made with HEAD
>>> (i.e., curl -I), the response seems to be correct (HTTP 302, redirecting
>>> users to Keycloak).
>>>
>>> [image: image.png]
>>>
>>> But when using browsers or normal curl (curl -v -o /dev/null "https://<geonode-hostname>/account/keycloak/login/?process=login&next=%2F",
>>> it responds with HTTP 200, which is wrong.
>>> [image: image.png]
>>>
>>> Any input is really appreciated.
>>>
>>> Thank you very much in advance,
>>> Pattara
>>>
>>>
>>> _______________________________________________
>>> geonode-devel mailing list
>>> geonode-devel at lists.osgeo.org
>>> https://lists.osgeo.org/mailman/listinfo/geonode-devel
>>>
>>
>>
>> --
>>
>> ==
>>
>> GeoServer Professional Services from the experts!
>>
>> Visit http://bit.ly/gs-services-us for more information.
>> ==
>>
>> Dott. Giovanni Allegri
>>
>> Technical Lead / Project Manager
>>
>>
>> GeoSolutions Group
>> phone: +39 0584 962313
>> fax:      +39 345 2815774
>>
>> https://www.geosolutionsgroup.com/
>> http://twitter.com/geosolutions_it
>> -------------------------------------------------------
>>
>> Con riferimento alla normativa sul trattamento dei dati personali (Reg.
>> UE 2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si
>> precisa che ogni circostanza inerente alla presente email (il suo
>> contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è
>> riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il
>> messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra
>> operazione è illecita. Le sarei comunque grato se potesse darmene notizia.
>>
>> This email is intended only for the person or entity to which it is
>> addressed and may contain information that is privileged, confidential or
>> otherwise protected from disclosure. We remind that - as provided by
>> European Regulation 2016/679 “GDPR” - copying, dissemination or use of this
>> e-mail or the information herein by anyone other than the intended
>> recipient is prohibited. If you have received this email by mistake, please
>> notify us immediately by telephone or e-mail.
>>
>

-- 

==

GeoServer Professional Services from the experts!

Visit http://bit.ly/gs-services-us for more information.
==

Dott. Giovanni Allegri

Technical Lead / Project Manager


GeoSolutions Group
phone: +39 0584 962313
fax:      +39 345 2815774

https://www.geosolutionsgroup.com/
http://twitter.com/geosolutions_it
-------------------------------------------------------

Con riferimento alla normativa sul trattamento dei dati personali (Reg. UE
2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si
precisa che ogni circostanza inerente alla presente email (il suo
contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è
riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il
messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra
operazione è illecita. Le sarei comunque grato se potesse darmene notizia.

This email is intended only for the person or entity to which it is
addressed and may contain information that is privileged, confidential or
otherwise protected from disclosure. We remind that - as provided by
European Regulation 2016/679 “GDPR” - copying, dissemination or use of this
e-mail or the information herein by anyone other than the intended
recipient is prohibited. If you have received this email by mistake, please
notify us immediately by telephone or e-mail.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-devel/attachments/20220525/c3393bd8/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 201630 bytes
Desc: not available
URL: <http://lists.osgeo.org/pipermail/geonode-devel/attachments/20220525/c3393bd8/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 222005 bytes
Desc: not available
URL: <http://lists.osgeo.org/pipermail/geonode-devel/attachments/20220525/c3393bd8/attachment-0003.png>

More information about the geonode-devel mailing list