[GeoNode-users] Help with geonodeAuthProvider configuration

Ivo Santos ivojfs at gmail.com
Thu Jan 21 04:30:17 PST 2016


Alessio,

Thank you for your reply. I think that I did understand what you were
saying... After some improvements, geonode and geoserver are still unable
to communicate when a user is logged on geonode (this time, independently
of being logged on geoserver).

On local_settings.py:

# OGC (WMS/WFS/WCS) Server Settings
OGC_SERVER = {
    'default' : {
        'BACKEND' : 'geonode.geoserver',
        'LOCATION' : 'http://atlas.example.com:8080/geoserver/',
        'PUBLIC_LOCATION' : GEOSERVER_URL,
        'USER' : 'admin',
        'PASSWORD' : '*********************'

[...]

ALLOWED_HOSTS=['atlas.example.com']


On geonodeAuthProvider/config.xml:

  <baseUrl>http://atlas.example.com/</baseUrl>

Does anyone have a clue of what is the problem? It seems the same problem
Ariel had in November:
https://lists.osgeo.org/pipermail/geonode-users/2015-November/001150.html

Best regards,
Ivo

2016-01-20 15:19 GMT+00:00 Alessio Fabiani <alessio.fabiani at geo-solutions.it
>:

> The GeoNode/GeoServer security, right now, in order to work correctly
> needs both GeoNode and GeoServer exposed under the same domain (and the
> same port).
>
> Therefore if you expose GeoNode as http://mysite/ you must also expose
> GeoServer as http://mysite/geoserver
>
> The GeoNode authentication provider can be configured with
> http://localhost, I guess, but you must be sure that GeoServer is also
> exposed as http://localhost/geoserver.
>
> The rationale is that the GeoNodeSecurityClient looks for the
> AuthPrincipal from the cookies.
>
>
> ==
> GeoServer Professional Services from the experts! Visit
> http://goo.gl/NWWaa2 for more information.
> ==
>
> Ing. Alessio Fabiani
> @alfa7691
> Founder/Technical Lead
>
> GeoSolutions S.A.S.
> Via Poggio alle Viti 1187
> 55054  Massarosa (LU)
> Italy
> phone: +39 0584 962313
> fax:     +39 0584 1660272
> mob:   +39  331 6233686
>
> http://www.geo-solutions.it
> http://twitter.com/geosolutions_it
>
> -------------------------------------------------------
>
> *AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*
>
> Le informazioni contenute in questo messaggio di posta elettronica e/o
> nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
> loro utilizzo è consentito esclusivamente al destinatario del messaggio,
> per le finalità indicate nel messaggio stesso. Qualora riceviate questo
> messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
> darcene notizia via e-mail e di procedere alla distruzione del messaggio
> stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
> divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
> utilizzarlo per finalità diverse, costituisce comportamento contrario ai
> principi dettati dal D.Lgs. 196/2003.
>
>
>
> The information in this message and/or attachments, is intended solely for
> the attention and use of the named addressee(s) and may be confidential or
> proprietary in nature or covered by the provisions of privacy act
> (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
> Code).Any use not in accord with its purpose, any disclosure, reproduction,
> copying, distribution, or either dissemination, either whole or partial, is
> strictly forbidden except previous formal approval of the named
> addressee(s). If you are not the intended recipient, please contact
> immediately the sender by telephone, fax or e-mail and delete the
> information in this message that has been received in error. The sender
> does not give any warranty or accept liability as the content, accuracy or
> completeness of sent messages and accepts no responsibility  for changes
> made after they were sent or for other risks which arise as a result of
> e-mail transmission, viruses, etc.
>
> On Wed, Jan 20, 2016 at 3:58 PM, Ivo Santos <ivojfs at gmail.com> wrote:
>
>> Hi everyone,
>>
>> After several limiting issues concerning the configuration of apache that
>> I have to thank you especially to Simone for all the help and guidance, I
>> am now with a problem with the connection between geonode and geoserver:
>>
>> If user as log in on geoserver but not on geonode, he can view the layers.
>> If user is not loged on geoserver, he can not view the layers and the
>> error is:
>> 2016-01-20 14:39:59,947 WARN [geonode.security] - Error connecting to the
>> GeoNode server for authentication purposes
>> org.springframework.security.authentication.AuthenticationServiceException:
>> Communication with GeoNode failed (UsernamePasswordAuthenticationToken)
>>
>> If user is logged on both geonode and geoserver it gives a internal error
>> (500).
>>
>> Following this thread
>> <https://groups.google.com/forum/m/#!topic/geonode-users/84HvjbarPE8>I
>> tried to apply this doc
>> <https://github.com/GeoNode/geonode/commit/cc732e0a73c6d04d8f57fdf376dfb9a9848abd86>to
>> my installation but it didn't worked.
>> Does it have to remain like "http://localhost/" on both files or should
>> I substitute by "http://atlas.example.com" on both? If you need more
>> info please let me know.
>>
>> Thank you for all the help and patience for this newcomer,
>> regards,
>> Ivo
>>
>>
>> --
>> Ivo Santos
>>
>> _______________________________________________
>> geonode-users mailing list
>> geonode-users at lists.osgeo.org
>> http://lists.osgeo.org/mailman/listinfo/geonode-users
>>
>>
>


-- 
Ivo Santos
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-users/attachments/20160121/9816ee55/attachment.html>


More information about the geonode-users mailing list