[GeoNode-users] geoserver authentication in multi-geosites
Eugenio Trumpy
frippe12573 at hotmail.com
Fri May 19 04:42:54 PDT 2017
Hi all,
unfortunately I was not able to solve the issue raised in this thread. I was just living in the situation described.
However, today I have to face a consequent, I guess, issue.
>From a child site I'm not able to download a raster layer (uploaded as tif) in geotiff format (i.e. in the download menu there is not the item 'Geotiff').
If I try to download the same raster layer from the master site it is possible (i.e. in the download menu there is the item 'Geotiff').
I think is a matter of geoserver configuration/authentication in geonode-multitenancy environment.
Have you got any suggestion?
E.
________________________________
Da: Simone Dalmasso <simone.dalmasso at gmail.com>
Inviato: mercoledì 5 aprile 2017 15.39
A: Eugenio Trumpy
Cc: geonode-users at lists.osgeo.org
Oggetto: Re: geoserver authentication in multi-geosites
Eugenio, I don't see wrong config. It is ok I guess to leave the master site host in the gs config as well as I think it is ok that you cannot log in directly into gs from a child site. That said, when geosites was developed, the geoserver ext was modified to make sure that geoserver pings the same host that made the http request for authentication instead of relying on the base url parameter. So ideally it should work as you would expect.
2017-04-05 14:39 GMT+02:00 Eugenio Trumpy <frippe12573 at hotmail.com<mailto:frippe12573 at hotmail.com>>:
Hi,
I'm working on geonode 2.4 in a Ubuntu server 14.04LTS (tomcat7, java8).
I had to upgrade geoserver from 2.7.x version up to 2.9.x.
In the system I configured geonode to work as multi-geosites.
The master site is the normal geonode site, I mean it use the local_setting.py I have in /geonode/geonode
The geosites are in /geonode/geonode/contrib/geosites, and they use the relative config files.
The documentation: https://github.com/terranodo/geosites-project/blob/master/GEOSITES-README.md
indicates to leave empty <baseurl> in config.xml in security/auth/geonodeauthprovider/
In that way I have this error:
java.lang.IllegalArgumentException: host parameter is null
org.apache.commons.httpclient.HttpConnection.<init>(HttpConnection.java:206)
org.apache.commons.httpclient.HttpConnection.<init>(HttpConnection.java:155)
org.apache.commons.httpclient.SimpleHttpConnectionManager.getConnectionWithTimeout(SimpleHttpConnectionManager.java:175)
org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:153)
org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
org.geonode.security.HTTPClient.sendGET(HTTPClient.java:89)
org.geonode.security.DefaultSecurityClient.authenticate(DefaultSecurityClient.java:185)
org.geonode.security.DefaultSecurityClient.authenticateCookie(DefaultSecurityClient.java:116)
org.geonode.security.GeoNodeAuthenticationProvider.authenticate(GeoNodeAuthenticationProvider.java:66)
org.geoserver.security.GeoServerAuthenticationProvider.authenticate(GeoServerAuthenticationProvider.java:58)
org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:167)
org.geoserver.security.GeoServerSecurityManager$1.authenticate(GeoServerSecurityManager.java:323)
org.geonode.security.GeoNodeCookieProcessingFilter.doFilter(GeoNodeCookieProcessingFilter.java:94)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
org.geoserver.security.filter.GeoServerCompositeFilter$NestedFilterChain.doFilter(GeoServerCompositeFilter.java:69)
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:91)
org.geoserver.security.filter.GeoServerSecurityContextPersistenceFilter$1.doFilter(GeoServerSecurityContextPersistenceFilter.java:53)
org.geoserver.security.filter.GeoServerCompositeFilter$NestedFilterChain.doFilter(GeoServerCompositeFilter.java:73)
org.geoserver.security.filter.GeoServerCompositeFilter.doFilter(GeoServerCompositeFilter.java:92)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:213)
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:176)
org.geoserver.security.GeoServerSecurityFilterChainProxy.doFilter(GeoServerSecurityFilterChainProxy.java:152)
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
org.geoserver.filters.LoggingFilter.doFilter(LoggingFilter.java:87)
org.geoserver.filters.GZIPFilter.doFilter(GZIPFilter.java:42)
org.geoserver.filters.SessionDebugFilter.doFilter(SessionDebugFilter.java:48)
org.geoserver.filters.FlushSafeFilter.doFilter(FlushSafeFilter.java:44)
org.springframework.web.filter.CharacterEncodingFilter.doFilterIntaernal(CharacterEncodingFilter.java:121)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
both if I use the geoserver link in the menu (once logged in) and if I call geoserver by using the geoserver url in the browser address bar.
If set the doman name of the master site in <baseurl> in config.xml in security/auth/geonodeauthprovider/
I'm able to enter in geoserver as admin from the menu, by the way doing the same operation from a geosite
I got the geoserverage but not logged.
The master site virtualhost as well as those of the geosites have the proxypass and reverse pointing to http://localhost:8080/geoserver
The same in /geonode/geonode/contrib/geosites/local_setting.py and pre-setting.py I have http://localhost:8080/geoserver
Is there a wrong configuration?
Any hints?
--
Simone
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-users/attachments/20170519/779685f9/attachment.html>
More information about the geonode-users
mailing list