I'm trying to send remote wms queries from a java application and use authentication within GeoServer.
I'm new to GeoServer so I'm trying to figure out how security/authentication works. First off the java application successfully makes the request via http://hostIP:8080/geoserver/wms?REQUEST=getCapabilities&SERVICE=WMS&VERSION=1.1.1 I get a valid response and all is good without any authentication. I may have gotten a little off track as to how to setup authentication because of trying to piece together multiple different sources of information I've read. So I think my GeoServer configuration is probably a mess. I may have edited files that don't need editing. I've added a user to the users.properties file userAuth=userauth,ROLE_USER_AUTH I've added some stuff to the web.xml file <security-constraint> <display-name>Restricted to user auth</display-name> <web-resource-collection> <web-resource-name>Restricted Access</web-resource-name> <url-pattern>/*</url-pattern> <http-method>GET</http-method> <http-methond<POST</http-method> </web-resource-collection> <auth-constraint> <role-name>ROLE_USER_AUTH</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>AuthRealm</realm-name> </login-config> I've added stuff to the realm.properties file userAuth: userauth,ROLE_USER_AUTH I've added stuff to the jetty.xml file <Set name="UserRealms"> <Array type="org.mortbay.jetty.security.UserRealm"> <Item> <New class="org.mortbay.jetty.security.HashUserRealm"> <Set name="AuthRealm"</Set> <Set name="config"><SystemProperty name="jetty.home" default="."/>/etc/realm.properties</Set> <Set name="refreshInterval">5</Set> <Call name="start"></Call> </New> </Item> </Array> </Set> At one point I added stuff to the service,services and dispathcer files, but have since restored them to default. I've tried both GET and POST requests and even read a little about servlets. With the current settings the request is successfully denied, but I don't know how to add the user and password successfully. I did get a login prompt when using a web browser, which didn't except my username and password. I received a jetty error "User is not in required role" HTTP ERROR: 403 The goal is to use my java application and not a web browser though. The goal is to only allow authorized users to make service request on the GeoServer. On my client side the goal is to find a way to supply the username and password either in the request itself or through a login prompt when a request is made. I've seen alot of talk about Apache and Tomcat, but I thought GeoServer was a stand alone java web server. Do I need to run either Apache or Tomcat in conjunction with GeoServer in order to handle authentication? Do I need to have a servlet in order to have a login prompt if I'm not using a browser? I need to not just manage credentials in my client application, but restrict any application from making request if not authorized. Why when using a browser and supplying a username a password do I get a "User not in required role" error message, what is the required role? Any help provided to get things sorted out would be greatly appreciated. Thanks -- View this message in context: http://old.nabble.com/Implementing-GeoServer-client-Authentication-tp30406711p30406711.html Sent from the GeoServer - User mailing list archive at Nabble.com. ------------------------------------------------------------------------------ This SF Dev2Dev email is sponsored by: WikiLeaks The End of the Free Internet http://p.sf.net/sfu/therealnews-com _______________________________________________ Geoserver-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-users
