IMHO we should deprecate this module because it does not make sense. The documentation says that this approach must always be used with HTTPS connections, why not send the name of the user directly.
The new security module allows to install a ProxyAuthenticationFilter, unluckily not described in the user guide until now. You only need to configure a header attribute name and the filter will use this name. The client has to add the header attribute and the user name in the request. But how to prevent attacks ?. Each proxy scenario needs a relationship of trust. You can use the network infrastructure (allowing such requests only from a specific host or network) or you can use the header attribute name as shared secret. Instead of using username=admin use asfd987sg209sfjal=admin Hope that helps Christian Zitat von Andrea Aime <[email protected]>: > On Fri, Oct 5, 2012 at 6:26 PM, Otto Krauth <[email protected]> wrote: > >> Do I need to add a Header Authentication to the security settings if I >> used AuthKey? I am new with GS, some of this is not too clear for me. >> >> > You shouldn't, however the authkey module was developed against 2.1.x and > maybe the deep changes in 2.2.x security > broke it > > Cheers > Andrea > > -- > == > Our support, Your Success! Visit http://opensdi.geo-solutions.it for more > information. > == > > Ing. Andrea Aime > @geowolf > Technical Lead > > GeoSolutions S.A.S. > Via Poggio alle Viti 1187 > 55054 Massarosa (LU) > Italy > phone: +39 0584 962313 > fax: +39 0584 1660272 > mob: +39 339 8844549 > > http://www.geo-solutions.it > http://twitter.com/geosolutions_it > > ------------------------------------------------------- > ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. ------------------------------------------------------------------------------ Don't let slow site performance ruin your business. Deploy New Relic APM Deploy New Relic app performance management and know exactly what is happening inside your Ruby, Python, PHP, Java, and .NET app Try New Relic at no cost today and get our sweet Data Nerd shirt too! http://p.sf.net/sfu/newrelic-dev2dev _______________________________________________ Geoserver-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-users
