[GeoNode-users] Issue with admin authentication

Annalisa Schiavon annalisa.schiavon at gmail.com
Mon Jul 24 04:33:21 PDT 2017


I changed those values without success.
I can login with geonode user with admin permissions in geonode and also in
geoserver, even if sometimes it fails. But also when geonode login fails in
geoserver, waiting for a while, then I can access. I don't know why. Even
without restart tomcat or apache.
But, for example, if I try to load a new layer I receive again this error:

Tried to make a GET request to
http://localhost:8080/geoserver/rest/workspaces/default.xml but got a 404
status code: No such workspace: default

I have some WARNING and ERRORS in the logs, like:

org.geoserver.security.GeoServerRestRoleService$1 executeWithContext
WARNING: null
com.jayway.jsonpath.PathNotFoundException: No results for path:
$['users'][0]['groups']
.....
ERROR [geoserver.rest] - No such workspace: default
24 Jul 13:06:12 ERROR [geoserver.rest] -
org.geoserver.rest.RestletException
at
org.geoserver.catalog.rest.WorkspaceFinder.findTarget(WorkspaceFinder.java:41)
.....
(my default workspace is named geonode ...)

If you want, I may attach full log.

For layers and maps already upload there are no problems, it seems.
Thanks




2017-07-20 11:19 GMT+02:00 Alessio Fabiani <alessio.fabiani at geo-solutions.it
>:

> You need to change those values:
>
> 1. GeoNode REST Role Service to -> <baseUrl>http://192.168.31.80</baseUrl>
>
> 2. Authentication filters, geonode-oauth2:
>
>   Access Token URI to -> http://192.168.31.80/o/token/
>   Check Token Endpoint URL to -> http://192.168.31.80/api/o/v4/tokeninfo/
>   Scopes to -> write
>
>
> Regards,
>
> Alessio Fabiani
>
> ==
> GeoServer Professional Services from the experts! Visit
> http://goo.gl/it488V for more information.
> ==
>
> Ing. Alessio Fabiani
>
> @alfa7691
> Founder/Technical Lead
>
>
> GeoSolutions S.A.S.
> Via di Montramito 3/A
> 55054  Massarosa (LU)
> Italy
> phone: +39 0584 962313 <+39%200584%20962313>
> fax:     +39 0584 1660272 <+39%200584%20166%200272>
> mob:   +39 331 6233686 <+39%20331%20623%203686>
>
> http://www.geo-solutions.it
> http://twitter.com/geosolutions_it
>
> -------------------------------------------------------
>
> AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
>
> Le informazioni contenute in questo messaggio di posta elettronica e/o
> nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
> loro utilizzo è consentito esclusivamente al destinatario del messaggio,
> per le finalità indicate nel messaggio stesso. Qualora riceviate questo
> messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
> darcene notizia via e-mail e di procedere alla distruzione del messaggio
> stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
> divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
> utilizzarlo per finalità diverse, costituisce comportamento contrario ai
> principi dettati dal D.Lgs. 196/2003.
>
> The information in this message and/or attachments, is intended solely for
> the attention and use of the named addressee(s) and may be confidential or
> proprietary in nature or covered by the provisions of privacy act
> (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
> Code).Any use not in accord with its purpose, any disclosure, reproduction,
> copying, distribution, or either dissemination, either whole or partial, is
> strictly forbidden except previous formal approval of the named
> addressee(s). If you are not the intended recipient, please contact
> immediately the sender by telephone, fax or e-mail and delete the
> information in this message that has been received in error. The sender
> does not give any warranty or accept liability as the content, accuracy or
> completeness of sent messages and accepts no responsibility  for changes
> made after they were sent or for other risks which arise as a result of
> e-mail transmission, viruses, etc.
>
> On Wed, Jul 19, 2017 at 3:25 PM, Annalisa Schiavon <
> annalisa.schiavon at gmail.com> wrote:
>
>> I can enter in GeoNode REST Role Service. <baseUrl> was my ip:
>>
>> <baseUrl>http:// <http://localhost/>192.168.31.80</baseUrl>
>>
>> Now I set it to localhost. This is my screenshot:
>>
>> [image: Immagine incorporata 1]
>>
>>
>> In Authentication filters, geonode-oauth2 is setted as below:
>>
>> [image: Immagine incorporata 2]
>>
>> what I wrong?
>> ClientID and Client Secret are equal to those in Geonode Admin
>>
>> Thanks
>>
>> 2017-07-19 13:56 GMT+02:00 Alessio Fabiani <alessio.fabiani at geo-solutions
>> .it>:
>>
>>> In that case it might be a misconfiguration of the "GeoNode REST Role
>>> Service". Most likely if you try to enter it you will receive an error.
>>>
>>> You need to double check manually the file inside the GEOSERVER_DATA_DIR:
>>>
>>> $GEOSERVER_DATA_DIR/security/role/geonode\ REST\ role\ servi
>>> ce/config.xml
>>>
>>> and make sure this parameter points correctly to the base URL of your
>>> GeoNode instance
>>>
>>> <baseUrl>http://localhost</baseUrl>
>>>
>>>
>>>
>>> Regards,
>>>
>>> Alessio Fabiani
>>>
>>> ==
>>> GeoServer Professional Services from the experts! Visit
>>> http://goo.gl/it488V for more information.
>>> ==
>>>
>>> Ing. Alessio Fabiani
>>>
>>> @alfa7691
>>> Founder/Technical Lead
>>>
>>>
>>> GeoSolutions S.A.S.
>>> Via di Montramito 3/A
>>> 55054  Massarosa (LU)
>>> Italy
>>> phone: +39 0584 962313 <+39%200584%20962313>
>>> fax:     +39 0584 1660272 <+39%200584%20166%200272>
>>> mob:   +39 331 6233686 <+39%20331%20623%203686>
>>>
>>> http://www.geo-solutions.it
>>> http://twitter.com/geosolutions_it
>>>
>>> -------------------------------------------------------
>>>
>>> AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
>>>
>>> Le informazioni contenute in questo messaggio di posta elettronica e/o
>>> nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
>>> loro utilizzo è consentito esclusivamente al destinatario del messaggio,
>>> per le finalità indicate nel messaggio stesso. Qualora riceviate questo
>>> messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
>>> darcene notizia via e-mail e di procedere alla distruzione del messaggio
>>> stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
>>> divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
>>> utilizzarlo per finalità diverse, costituisce comportamento contrario ai
>>> principi dettati dal D.Lgs. 196/2003.
>>>
>>> The information in this message and/or attachments, is intended solely
>>> for the attention and use of the named addressee(s) and may be confidential
>>> or proprietary in nature or covered by the provisions of privacy act
>>> (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
>>> Code).Any use not in accord with its purpose, any disclosure, reproduction,
>>> copying, distribution, or either dissemination, either whole or partial, is
>>> strictly forbidden except previous formal approval of the named
>>> addressee(s). If you are not the intended recipient, please contact
>>> immediately the sender by telephone, fax or e-mail and delete the
>>> information in this message that has been received in error. The sender
>>> does not give any warranty or accept liability as the content, accuracy or
>>> completeness of sent messages and accepts no responsibility  for changes
>>> made after they were sent or for other risks which arise as a result of
>>> e-mail transmission, viruses, etc.
>>>
>>> On Wed, Jul 19, 2017 at 1:41 PM, Annalisa Schiavon <
>>> annalisa.schiavon at gmail.com> wrote:
>>>
>>>> I didn't delete the "admin" user in geonode, but ... there is a default
>>>> admin user in geonode? My superuser created with
>>>>
>>>>     geonode createsuperuser
>>>>
>>>> is named "geonode".
>>>> I migrated a geonode 2.4 db (than execute $ geonode migrate
>>>> --fake-initial); maybe I lost the admin user?
>>>> Among geonode users I have geonode, AnonymousUser and than my users
>>>> created in 2.4.
>>>>
>>>> In Geoserver, I've changed the default password of admin user and stop.
>>>>
>>>>
>>>>
>>>> 2017-07-19 11:42 GMT+02:00 Alessio Fabiani <
>>>> alessio.fabiani at geo-solutions.it>:
>>>>
>>>>> Did you deleted the "admin" user from  GeoNode? Or removed privileged
>>>>> status? If yes it is normal, otherwise not.
>>>>>
>>>>> Regards,
>>>>>
>>>>> Alessio Fabiani
>>>>>
>>>>> ==
>>>>> GeoServer Professional Services from the experts! Visit
>>>>> http://goo.gl/it488V for more information.
>>>>> ==
>>>>>
>>>>> Ing. Alessio Fabiani
>>>>>
>>>>> @alfa7691
>>>>> Founder/Technical Lead
>>>>>
>>>>>
>>>>> GeoSolutions S.A.S.
>>>>> Via di Montramito 3/A
>>>>> 55054  Massarosa (LU)
>>>>> Italy
>>>>> phone: +39 0584 962313 <+39%200584%20962313>
>>>>> fax:     +39 0584 1660272 <+39%200584%20166%200272>
>>>>> mob:   +39 331 6233686 <+39%20331%20623%203686>
>>>>>
>>>>> http://www.geo-solutions.it
>>>>> http://twitter.com/geosolutions_it
>>>>>
>>>>> -------------------------------------------------------
>>>>>
>>>>> AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
>>>>>
>>>>> Le informazioni contenute in questo messaggio di posta elettronica e/o
>>>>> nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
>>>>> loro utilizzo è consentito esclusivamente al destinatario del messaggio,
>>>>> per le finalità indicate nel messaggio stesso. Qualora riceviate questo
>>>>> messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
>>>>> darcene notizia via e-mail e di procedere alla distruzione del messaggio
>>>>> stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
>>>>> divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
>>>>> utilizzarlo per finalità diverse, costituisce comportamento contrario ai
>>>>> principi dettati dal D.Lgs. 196/2003.
>>>>>
>>>>> The information in this message and/or attachments, is intended solely
>>>>> for the attention and use of the named addressee(s) and may be confidential
>>>>> or proprietary in nature or covered by the provisions of privacy act
>>>>> (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
>>>>> Code).Any use not in accord with its purpose, any disclosure, reproduction,
>>>>> copying, distribution, or either dissemination, either whole or partial, is
>>>>> strictly forbidden except previous formal approval of the named
>>>>> addressee(s). If you are not the intended recipient, please contact
>>>>> immediately the sender by telephone, fax or e-mail and delete the
>>>>> information in this message that has been received in error. The sender
>>>>> does not give any warranty or accept liability as the content, accuracy or
>>>>> completeness of sent messages and accepts no responsibility  for changes
>>>>> made after they were sent or for other risks which arise as a result of
>>>>> e-mail transmission, viruses, etc.
>>>>>
>>>>> On Thu, Jul 13, 2017 at 9:29 AM, Annalisa Schiavon <
>>>>> annalisa.schiavon at gmail.com> wrote:
>>>>>
>>>>>> I don't want to create a different admin user of Geoserver. But
>>>>>> "admin" user (the default of Geoserver) is an Administrator if I set in
>>>>>> Security settings, "Active role service" = "default". If I set "Active role
>>>>>> service" = "geonode REST role service", the "admin" user is no longer an
>>>>>> administrator but a common user with no permission.
>>>>>> This is my edit user page of admin user, when I set geonode REST role
>>>>>> service:
>>>>>>
>>>>>> [image: Immagine incorporata 1]
>>>>>>
>>>>>> Is it normal? It's ok?
>>>>>>
>>>>>> Thanks
>>>>>> Annalisa
>>>>>>
>>>>>> 2017-07-13 8:25 GMT+02:00 Alessio Fabiani <
>>>>>> alessio.fabiani at geo-solutions.it>:
>>>>>>
>>>>>>> As stated in the documentation, GeoServer still has its own internal
>>>>>>> users.
>>>>>>>
>>>>>>> If you want to create an admin different from the default one in
>>>>>>> GeoServer also which works with basic auth also, you need to create a
>>>>>>> GeoServer internal user too.
>>>>>>>
>>>>>>> Regards,
>>>>>>>
>>>>>>> Alessio Fabiani
>>>>>>>
>>>>>>> ==
>>>>>>> GeoServer Professional Services from the experts! Visit
>>>>>>> http://goo.gl/it488V for more information.
>>>>>>> ==
>>>>>>>
>>>>>>> Ing. Alessio Fabiani
>>>>>>>
>>>>>>> @alfa7691
>>>>>>> Founder/Technical Lead
>>>>>>>
>>>>>>>
>>>>>>> GeoSolutions S.A.S.
>>>>>>> Via di Montramito 3/A
>>>>>>> 55054  Massarosa (LU)
>>>>>>> Italy
>>>>>>> phone: +39 0584 962313 <+39%200584%20962313>
>>>>>>> fax:     +39 0584 1660272 <+39%200584%20166%200272>
>>>>>>> mob:   +39 331 6233686 <+39%20331%20623%203686>
>>>>>>>
>>>>>>> http://www.geo-solutions.it
>>>>>>> http://twitter.com/geosolutions_it
>>>>>>>
>>>>>>> -------------------------------------------------------
>>>>>>>
>>>>>>> AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
>>>>>>>
>>>>>>> Le informazioni contenute in questo messaggio di posta elettronica
>>>>>>> e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
>>>>>>> loro utilizzo è consentito esclusivamente al destinatario del messaggio,
>>>>>>> per le finalità indicate nel messaggio stesso. Qualora riceviate questo
>>>>>>> messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
>>>>>>> darcene notizia via e-mail e di procedere alla distruzione del messaggio
>>>>>>> stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
>>>>>>> divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
>>>>>>> utilizzarlo per finalità diverse, costituisce comportamento contrario ai
>>>>>>> principi dettati dal D.Lgs. 196/2003.
>>>>>>>
>>>>>>> The information in this message and/or attachments, is intended
>>>>>>> solely for the attention and use of the named addressee(s) and may be
>>>>>>> confidential or proprietary in nature or covered by the provisions of
>>>>>>> privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New Data
>>>>>>> Protection Code).Any use not in accord with its purpose, any disclosure,
>>>>>>> reproduction, copying, distribution, or either dissemination, either whole
>>>>>>> or partial, is strictly forbidden except previous formal approval of the
>>>>>>> named addressee(s). If you are not the intended recipient, please contact
>>>>>>> immediately the sender by telephone, fax or e-mail and delete the
>>>>>>> information in this message that has been received in error. The sender
>>>>>>> does not give any warranty or accept liability as the content, accuracy or
>>>>>>> completeness of sent messages and accepts no responsibility  for changes
>>>>>>> made after they were sent or for other risks which arise as a result of
>>>>>>> e-mail transmission, viruses, etc.
>>>>>>>
>>>>>>> On Wed, Jul 12, 2017 at 2:09 PM, Annalisa Schiavon <
>>>>>>> annalisa.schiavon at gmail.com> wrote:
>>>>>>>
>>>>>>>> I add that if I run this command:
>>>>>>>>
>>>>>>>> $ curl http://localhost/api/users/admin
>>>>>>>>
>>>>>>>> I get:
>>>>>>>> {"users": []}
>>>>>>>>
>>>>>>>> The other cmd:
>>>>>>>>
>>>>>>>> curl http://localhost/api/adminRole
>>>>>>>> curl http://localhost/api/users
>>>>>>>> curl http://localhost/api/roles
>>>>>>>>
>>>>>>>> are ok.
>>>>>>>>
>>>>>>>> I attach the last lines of geoserver.log
>>>>>>>>
>>>>>>>> I've migrated from geonode 2.4 to geonode 2.6.
>>>>>>>> I've changed the geoserver data dir coping the original 2.9 and
>>>>>>>> than replacing these directories from my geoserver 2.7:
>>>>>>>>
>>>>>>>>    - data
>>>>>>>>    - layergroups
>>>>>>>>    - legendsamples
>>>>>>>>    - styles
>>>>>>>>    - workspace
>>>>>>>>
>>>>>>>> Thanks for any reply
>>>>>>>> Annalisa
>>>>>>>>
>>>>>>>>
>>>>>>>> 2017-07-12 12:48 GMT+02:00 Annalisa Schiavon <
>>>>>>>> annalisa.schiavon at gmail.com>:
>>>>>>>>
>>>>>>>>> Hi all.
>>>>>>>>> I've followed this doc because I had some problems with
>>>>>>>>> permissions on layers: http://docs.geonode.org/en/mas
>>>>>>>>> ter/tutorials/admin/geoserver_geonode_security/index.html .
>>>>>>>>>
>>>>>>>>> My geonode superuser is "*geonode*", so I access Geoserver with
>>>>>>>>> geonode and setted geonode REST role service as Active role
>>>>>>>>> service in Security settings.
>>>>>>>>>
>>>>>>>>> After doing this, I can no more login in Geoserver with *admin*
>>>>>>>>> user.
>>>>>>>>> Unfortunately, I made a "updatelayer" with --remove-deleted option
>>>>>>>>> and this deleted all my layers from geonode. In geoserver there are all
>>>>>>>>> layers.
>>>>>>>>>
>>>>>>>>> I try to change back Security settings and set it to "default".
>>>>>>>>> Now if I make an updatelayers, geonode recreate my layers (but I have to
>>>>>>>>> restore my old backups because I lost all metadata and link with the maps).
>>>>>>>>>
>>>>>>>>> I hope that after restoring geonode DB and doing "geonode migrate
>>>>>>>>> --fake-initial" I'll return to my situation of yesterday.
>>>>>>>>> But how should I set Security settings?
>>>>>>>>>
>>>>>>>>> Thanks
>>>>>>>>> Annalisa
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> geonode-users mailing list
>>>>>> geonode-users at lists.osgeo.org
>>>>>> https://lists.osgeo.org/mailman/listinfo/geonode-users
>>>>>>
>>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> geonode-users mailing list
>>>> geonode-users at lists.osgeo.org
>>>> https://lists.osgeo.org/mailman/listinfo/geonode-users
>>>>
>>>>
>>>
>>
>> _______________________________________________
>> geonode-users mailing list
>> geonode-users at lists.osgeo.org
>> https://lists.osgeo.org/mailman/listinfo/geonode-users
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-users/attachments/20170724/4cc0c052/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 204972 bytes
Desc: not available
URL: <http://lists.osgeo.org/pipermail/geonode-users/attachments/20170724/4cc0c052/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 143763 bytes
Desc: not available
URL: <http://lists.osgeo.org/pipermail/geonode-users/attachments/20170724/4cc0c052/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 169565 bytes
Desc: not available
URL: <http://lists.osgeo.org/pipermail/geonode-users/attachments/20170724/4cc0c052/attachment-0005.png>


More information about the geonode-users mailing list