[GeoNode-users] Issue with admin authentication

Annalisa Schiavon annalisa.schiavon at gmail.com
Wed Jul 19 06:25:10 PDT 2017 

I can enter in GeoNode REST Role Service. <baseUrl> was my ip:

<baseUrl>http:// <http://localhost/>192.168.31.80</baseUrl>

Now I set it to localhost. This is my screenshot:

[image: Immagine incorporata 1]


In Authentication filters, geonode-oauth2 is setted as below:

[image: Immagine incorporata 2]

what I wrong?
ClientID and Client Secret are equal to those in Geonode Admin

Thanks

2017-07-19 13:56 GMT+02:00 Alessio Fabiani <alessio.fabiani at geo-solutions.it
>:

> In that case it might be a misconfiguration of the "GeoNode REST Role
> Service". Most likely if you try to enter it you will receive an error.
>
> You need to double check manually the file inside the GEOSERVER_DATA_DIR:
>
> $GEOSERVER_DATA_DIR/security/role/geonode\ REST\ role\ service/config.xml
>
> and make sure this parameter points correctly to the base URL of your
> GeoNode instance
>
> <baseUrl>http://localhost</baseUrl>
>
>
>
> Regards,
>
> Alessio Fabiani
>
> ==
> GeoServer Professional Services from the experts! Visit
> http://goo.gl/it488V for more information.
> ==
>
> Ing. Alessio Fabiani
>
> @alfa7691
> Founder/Technical Lead
>
>
> GeoSolutions S.A.S.
> Via di Montramito 3/A
> 55054  Massarosa (LU)
> Italy
> phone: +39 0584 962313 <+39%200584%20962313>
> fax:     +39 0584 1660272 <+39%200584%20166%200272>
> mob:   +39 331 6233686 <+39%20331%20623%203686>
>
> http://www.geo-solutions.it
> http://twitter.com/geosolutions_it
>
> -------------------------------------------------------
>
> AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
>
> Le informazioni contenute in questo messaggio di posta elettronica e/o
> nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
> loro utilizzo è consentito esclusivamente al destinatario del messaggio,
> per le finalità indicate nel messaggio stesso. Qualora riceviate questo
> messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
> darcene notizia via e-mail e di procedere alla distruzione del messaggio
> stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
> divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
> utilizzarlo per finalità diverse, costituisce comportamento contrario ai
> principi dettati dal D.Lgs. 196/2003.
>
> The information in this message and/or attachments, is intended solely for
> the attention and use of the named addressee(s) and may be confidential or
> proprietary in nature or covered by the provisions of privacy act
> (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
> Code).Any use not in accord with its purpose, any disclosure, reproduction,
> copying, distribution, or either dissemination, either whole or partial, is
> strictly forbidden except previous formal approval of the named
> addressee(s). If you are not the intended recipient, please contact
> immediately the sender by telephone, fax or e-mail and delete the
> information in this message that has been received in error. The sender
> does not give any warranty or accept liability as the content, accuracy or
> completeness of sent messages and accepts no responsibility  for changes
> made after they were sent or for other risks which arise as a result of
> e-mail transmission, viruses, etc.
>
> On Wed, Jul 19, 2017 at 1:41 PM, Annalisa Schiavon <
> annalisa.schiavon at gmail.com> wrote:
>
>> I didn't delete the "admin" user in geonode, but ... there is a default
>> admin user in geonode? My superuser created with
>>
>>     geonode createsuperuser
>>
>> is named "geonode".
>> I migrated a geonode 2.4 db (than execute $ geonode migrate
>> --fake-initial); maybe I lost the admin user?
>> Among geonode users I have geonode, AnonymousUser and than my users
>> created in 2.4.
>>
>> In Geoserver, I've changed the default password of admin user and stop.
>>
>>
>>
>> 2017-07-19 11:42 GMT+02:00 Alessio Fabiani <alessio.fabiani at geo-solutions
>> .it>:
>>
>>> Did you deleted the "admin" user from  GeoNode? Or removed privileged
>>> status? If yes it is normal, otherwise not.
>>>
>>> Regards,
>>>
>>> Alessio Fabiani
>>>
>>> ==
>>> GeoServer Professional Services from the experts! Visit
>>> http://goo.gl/it488V for more information.
>>> ==
>>>
>>> Ing. Alessio Fabiani
>>>
>>> @alfa7691
>>> Founder/Technical Lead
>>>
>>>
>>> GeoSolutions S.A.S.
>>> Via di Montramito 3/A
>>> 55054  Massarosa (LU)
>>> Italy
>>> phone: +39 0584 962313 <+39%200584%20962313>
>>> fax:     +39 0584 1660272 <+39%200584%20166%200272>
>>> mob:   +39 331 6233686 <+39%20331%20623%203686>
>>>
>>> http://www.geo-solutions.it
>>> http://twitter.com/geosolutions_it
>>>
>>> -------------------------------------------------------
>>>
>>> AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
>>>
>>> Le informazioni contenute in questo messaggio di posta elettronica e/o
>>> nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
>>> loro utilizzo è consentito esclusivamente al destinatario del messaggio,
>>> per le finalità indicate nel messaggio stesso. Qualora riceviate questo
>>> messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
>>> darcene notizia via e-mail e di procedere alla distruzione del messaggio
>>> stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
>>> divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
>>> utilizzarlo per finalità diverse, costituisce comportamento contrario ai
>>> principi dettati dal D.Lgs. 196/2003.
>>>
>>> The information in this message and/or attachments, is intended solely
>>> for the attention and use of the named addressee(s) and may be confidential
>>> or proprietary in nature or covered by the provisions of privacy act
>>> (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
>>> Code).Any use not in accord with its purpose, any disclosure, reproduction,
>>> copying, distribution, or either dissemination, either whole or partial, is
>>> strictly forbidden except previous formal approval of the named
>>> addressee(s). If you are not the intended recipient, please contact
>>> immediately the sender by telephone, fax or e-mail and delete the
>>> information in this message that has been received in error. The sender
>>> does not give any warranty or accept liability as the content, accuracy or
>>> completeness of sent messages and accepts no responsibility  for changes
>>> made after they were sent or for other risks which arise as a result of
>>> e-mail transmission, viruses, etc.
>>>
>>> On Thu, Jul 13, 2017 at 9:29 AM, Annalisa Schiavon <
>>> annalisa.schiavon at gmail.com> wrote:
>>>
>>>> I don't want to create a different admin user of Geoserver. But "admin"
>>>> user (the default of Geoserver) is an Administrator if I set in Security
>>>> settings, "Active role service" = "default". If I set "Active role service"
>>>> = "geonode REST role service", the "admin" user is no longer an
>>>> administrator but a common user with no permission.
>>>> This is my edit user page of admin user, when I set geonode REST role
>>>> service:
>>>>
>>>> [image: Immagine incorporata 1]
>>>>
>>>> Is it normal? It's ok?
>>>>
>>>> Thanks
>>>> Annalisa
>>>>
>>>> 2017-07-13 8:25 GMT+02:00 Alessio Fabiani <
>>>> alessio.fabiani at geo-solutions.it>:
>>>>
>>>>> As stated in the documentation, GeoServer still has its own internal
>>>>> users.
>>>>>
>>>>> If you want to create an admin different from the default one in
>>>>> GeoServer also which works with basic auth also, you need to create a
>>>>> GeoServer internal user too.
>>>>>
>>>>> Regards,
>>>>>
>>>>> Alessio Fabiani
>>>>>
>>>>> ==
>>>>> GeoServer Professional Services from the experts! Visit
>>>>> http://goo.gl/it488V for more information.
>>>>> ==
>>>>>
>>>>> Ing. Alessio Fabiani
>>>>>
>>>>> @alfa7691
>>>>> Founder/Technical Lead
>>>>>
>>>>>
>>>>> GeoSolutions S.A.S.
>>>>> Via di Montramito 3/A
>>>>> 55054  Massarosa (LU)
>>>>> Italy
>>>>> phone: +39 0584 962313 <+39%200584%20962313>
>>>>> fax:     +39 0584 1660272 <+39%200584%20166%200272>
>>>>> mob:   +39 331 6233686 <+39%20331%20623%203686>
>>>>>
>>>>> http://www.geo-solutions.it
>>>>> http://twitter.com/geosolutions_it
>>>>>
>>>>> -------------------------------------------------------
>>>>>
>>>>> AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
>>>>>
>>>>> Le informazioni contenute in questo messaggio di posta elettronica e/o
>>>>> nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
>>>>> loro utilizzo è consentito esclusivamente al destinatario del messaggio,
>>>>> per le finalità indicate nel messaggio stesso. Qualora riceviate questo
>>>>> messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
>>>>> darcene notizia via e-mail e di procedere alla distruzione del messaggio
>>>>> stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
>>>>> divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
>>>>> utilizzarlo per finalità diverse, costituisce comportamento contrario ai
>>>>> principi dettati dal D.Lgs. 196/2003.
>>>>>
>>>>> The information in this message and/or attachments, is intended solely
>>>>> for the attention and use of the named addressee(s) and may be confidential
>>>>> or proprietary in nature or covered by the provisions of privacy act
>>>>> (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
>>>>> Code).Any use not in accord with its purpose, any disclosure, reproduction,
>>>>> copying, distribution, or either dissemination, either whole or partial, is
>>>>> strictly forbidden except previous formal approval of the named
>>>>> addressee(s). If you are not the intended recipient, please contact
>>>>> immediately the sender by telephone, fax or e-mail and delete the
>>>>> information in this message that has been received in error. The sender
>>>>> does not give any warranty or accept liability as the content, accuracy or
>>>>> completeness of sent messages and accepts no responsibility  for changes
>>>>> made after they were sent or for other risks which arise as a result of
>>>>> e-mail transmission, viruses, etc.
>>>>>
>>>>> On Wed, Jul 12, 2017 at 2:09 PM, Annalisa Schiavon <
>>>>> annalisa.schiavon at gmail.com> wrote:
>>>>>
>>>>>> I add that if I run this command:
>>>>>>
>>>>>> $ curl http://localhost/api/users/admin
>>>>>>
>>>>>> I get:
>>>>>> {"users": []}
>>>>>>
>>>>>> The other cmd:
>>>>>>
>>>>>> curl http://localhost/api/adminRole
>>>>>> curl http://localhost/api/users
>>>>>> curl http://localhost/api/roles
>>>>>>
>>>>>> are ok.
>>>>>>
>>>>>> I attach the last lines of geoserver.log
>>>>>>
>>>>>> I've migrated from geonode 2.4 to geonode 2.6.
>>>>>> I've changed the geoserver data dir coping the original 2.9 and than
>>>>>> replacing these directories from my geoserver 2.7:
>>>>>>
>>>>>>    - data
>>>>>>    - layergroups
>>>>>>    - legendsamples
>>>>>>    - styles
>>>>>>    - workspace
>>>>>>
>>>>>> Thanks for any reply
>>>>>> Annalisa
>>>>>>
>>>>>>
>>>>>> 2017-07-12 12:48 GMT+02:00 Annalisa Schiavon <
>>>>>> annalisa.schiavon at gmail.com>:
>>>>>>
>>>>>>> Hi all.
>>>>>>> I've followed this doc because I had some problems with permissions
>>>>>>> on layers: http://docs.geonode.org/en/mas
>>>>>>> ter/tutorials/admin/geoserver_geonode_security/index.html .
>>>>>>>
>>>>>>> My geonode superuser is "*geonode*", so I access Geoserver with
>>>>>>> geonode and setted geonode REST role service as Active role service in
>>>>>>> Security settings.
>>>>>>>
>>>>>>> After doing this, I can no more login in Geoserver with *admin*
>>>>>>> user.
>>>>>>> Unfortunately, I made a "updatelayer" with --remove-deleted option
>>>>>>> and this deleted all my layers from geonode. In geoserver there are all
>>>>>>> layers.
>>>>>>>
>>>>>>> I try to change back Security settings and set it to "default". Now
>>>>>>> if I make an updatelayers, geonode recreate my layers (but I have to
>>>>>>> restore my old backups because I lost all metadata and link with the maps).
>>>>>>>
>>>>>>> I hope that after restoring geonode DB and doing "geonode migrate
>>>>>>> --fake-initial" I'll return to my situation of yesterday.
>>>>>>> But how should I set Security settings?
>>>>>>>
>>>>>>> Thanks
>>>>>>> Annalisa
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> geonode-users mailing list
>>>> geonode-users at lists.osgeo.org
>>>> https://lists.osgeo.org/mailman/listinfo/geonode-users
>>>>
>>>>
>>>
>>
>> _______________________________________________
>> geonode-users mailing list
>> geonode-users at lists.osgeo.org
>> https://lists.osgeo.org/mailman/listinfo/geonode-users
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-users/attachments/20170719/a19e0b05/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 169565 bytes
Desc: not available
URL: <http://lists.osgeo.org/pipermail/geonode-users/attachments/20170719/a19e0b05/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 204972 bytes
Desc: not available
URL: <http://lists.osgeo.org/pipermail/geonode-users/attachments/20170719/a19e0b05/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 143763 bytes
Desc: not available
URL: <http://lists.osgeo.org/pipermail/geonode-users/attachments/20170719/a19e0b05/attachment-0005.png>

More information about the geonode-users mailing list