1) Basic Auth AFAIK, using basic auth in a URL "http://user:pass@loacalhost:8080/geoserver/wms"; is not a standard. I have read firefox is able to do that.
The authentication must be put in a HTTP Header attribute. What you have to do is to add a http header attribute "Authorization" with the following value: Build a string with your concrete values username:password Calculate the base64 encoding of this string. Create a string with "Basic " and append the base64 encoding. Sample: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== 2) Form authentication. The result of a successful form authentication is a cookie called "JSESSIONID". You have to guarantee that this cookie is included in subsequent reqeusts, otherwise authentication will fail. (Attribute "Cookie", value = JSESSIONID=???" Hint: if you use firefox, install https://addons.mozilla.org/en-US/firefox/addon/tamper-data/ This add on helps a lot for inspecting headers. Hope this helps Zitat von Davi Serrano <[email protected]>: > I'm having the same problem... Anybody?? > > 2011/11/14 Hugo <[email protected]> > >> Hello all, >> >> I'm trying to achieve geoserver authentication through a webpage so that i >> can load secured layers into an openlayers app, but untill the moment i was >> not able to do that. >> >> I've tried the basic http authentication >> (http://user:pass@loacalhost:8080/geoserver/wms) >> but this approach will always show me a form to enter the user and >> password. I alreadey have an authentication interface before showing the >> map. On a successful auth the server sends back the geoserver user and >> corresponding password. >> So i just need to use the response to login to geoserver. >> >> Using the hints from >> http://getsatisfaction.com/opengeo/topics/auth_in_geoserver_with_html_php_js >> >> i >> have tried the following: >> >> Ext.Ajax.request({ >> url: 'http://localhost:8080/geoserver/j_spring_security_check?', >> method: 'POST', >> scriptTag: true, >> params: { >> username: geoserverUser, >> password: geoserverPass >> }, >> success: function(){do stuff...} >> }); >> >> Nevertheless, the form is still popping out to introduce the user and >> password, although i get a sucessfull post request. >> Any hints on how to solve this? As of my understanding of Tim's >> explanation (on the link provided above) that should be it, but... >> >> Thanks in advance. >> Kind regards, >> >> Hugo >> >> >> -- >> Hugo Martins >> LabNT - ISEGI UNL >> Campus de Campolide >> 1070-312 Lisboa >> N 38°43'56.84", W 9°9'35.74" >> >> >> ------------------------------------------------------------------------------ >> RSA(R) Conference 2012 >> Save $700 by Nov 18 >> Register now >> http://p.sf.net/sfu/rsa-sfdev2dev1 >> _______________________________________________ >> Geoserver-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/geoserver-users >> >> > > > -- > [ ]'s > > Davi Oliveira Serrano de Andrade > Laboratório de Sistemas de Informação - http://lsi.dsc.ufcg.edu.br > Graduando em Ciência de Computação - http://www.ccc.ufcg.edu.br > ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. ------------------------------------------------------------------------------ Better than sec? Nothing is better than sec when it comes to monitoring Big Data applications. Try Boundary one-second resolution app monitoring today. Free. http://p.sf.net/sfu/Boundary-dev2dev _______________________________________________ Geoserver-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-users
