[GeoNode-users] HOW TO SECURELY INTERACT WITH GEONODE API
Alessio Fabiani
alessio.fabiani at geo-solutions.it
Mon Jul 19 01:05:20 PDT 2021
Hello Edgar,
if GeoNode is served by an HTTPD service, like NGINX, you will need to
allow CORS from there too.
It might be also possible that through the browser you will still need to
perform the Django authentication in order to get access to the protected
areas.
If still not working, it might be an issue with the GeoNode
decorators protecting the api endpoints.
Alessio.
Il giorno lun 19 lug 2021 alle ore 09:58 edgar mlowe <mloweedgar0 at gmail.com>
ha scritto:
> Thank you Alessio,
>
> I figured out that I can also use basic auth to access genode API, I
> tested with Postman it worked. My Only problem now is that When I call
> Geonode API from my react app(using basic auth i.e passing base64 encoded
> string of username and password in authorization header) I do get cors. but
> if I make a http call to Geonode API without passing the authorization
> header(basic auth), I don't get the cors.
>
> Do you have an idea on what configuration I might be missing in the
> Genode? I have already set CORS_ORIGIN_ALLOW_ALL=True in .env. I have
> installed Geonode using docker.
>
> On Mon, Jul 19, 2021 at 10:32 AM Alessio Fabiani <
> alessio.fabiani at geo-solutions.it> wrote:
>
>> Hello Edgar,
>> it depends on how you are using the APIs. In a browser session, once you
>> successfully authenticate on Django, the session cookie will automatically
>> authenticate you.
>>
>> Once authenticated, if you need to know about your "access_token" just
>> hit the endpoint https://<geonode>/api/o/v4/userinfo
>>
>> Alessio.
>>
>> Il giorno sab 17 lug 2021 alle ore 17:07 edgar mlowe <
>> mloweedgar0 at gmail.com> ha scritto:
>>
>>> Hello Everyone,
>>>
>>> Iam using Geonode REST API to integrate my custom web application, I'm
>>> facing the challenge on how to get for example access token that I can use
>>> in my authorization hear to access protected resources.
>>>
>>> Anyone who can guide me on authentication/authorization regarding the
>>> GEONODE API I will appriciate so much. Iam using Geonode 3.2.0.
>>>
>>> Kind regards,
>>> Edgar.
>>> _______________________________________________
>>> geonode-users mailing list
>>> geonode-users at lists.osgeo.org
>>> https://lists.osgeo.org/mailman/listinfo/geonode-users
>>>
>>
>>
>> --
>>
>> ==
>>
>> GeoServer Professional Services from the experts! Visit
>> http://goo.gl/it488V for more information.
>> ==
>> Ing. Alessio Fabiani
>>
>> @alfa7691
>> Founder/Technical Lead
>>
>>
>> GeoSolutions S.A.S.
>> Via di Montramito 3/A - 55054 Massarosa (LU) - Italy
>> phone: +39 0584 962313
>> fax: +39 0584 1660272
>> mob: +39 331 6233686
>>
>>
>> http://www.geo-solutions.it
>> http://twitter.com/geosolutions_it
>> -------------------------------------------------------
>>
>> Con riferimento alla normativa sul trattamento dei dati personali (Reg.
>> UE 2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si
>> precisa che ogni circostanza inerente alla presente email (il suo
>> contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è
>> riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il
>> messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra
>> operazione è illecita. Le sarei comunque grato se potesse darmene notizia.
>>
>>
>> This email is intended only for the person or entity to which it is
>> addressed and may contain information that is privileged, confidential or
>> otherwise protected from disclosure. We remind that - as provided by
>> European Regulation 2016/679 “GDPR” - copying, dissemination or use of this
>> e-mail or the information herein by anyone other than the intended
>> recipient is prohibited. If you have received this email by mistake, please
>> notify us immediately by telephone or e-mail.
>>
> _______________________________________________
> geonode-users mailing list
> geonode-users at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/geonode-users
>
--
==
GeoServer Professional Services from the experts! Visit http://goo.gl/it488V
for more information.
==
Ing. Alessio Fabiani
@alfa7691
Founder/Technical Lead
GeoSolutions S.A.S.
Via di Montramito 3/A - 55054 Massarosa (LU) - Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 331 6233686
http://www.geo-solutions.it
http://twitter.com/geosolutions_it
-------------------------------------------------------
Con riferimento alla normativa sul trattamento dei dati personali (Reg. UE
2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si
precisa che ogni circostanza inerente alla presente email (il suo
contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è
riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il
messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra
operazione è illecita. Le sarei comunque grato se potesse darmene notizia.
This email is intended only for the person or entity to which it is
addressed and may contain information that is privileged, confidential or
otherwise protected from disclosure. We remind that - as provided by
European Regulation 2016/679 “GDPR” - copying, dissemination or use of this
e-mail or the information herein by anyone other than the intended
recipient is prohibited. If you have received this email by mistake, please
notify us immediately by telephone or e-mail.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/geonode-users/attachments/20210719/52df73a8/attachment-0001.html>
More information about the geonode-users
mailing list