Hi Mauro,
My initial need was to make a SSO authentication in order to manage security
on database level. I tried more solutions for example :
* The connecting to my Oracle Datastores by a SSO authentication on
database level
* The using of waffle to impersonate the Apache context with the web
request user
All this solutions did not worked, now I try an other solution by using the
LDAP authentication and the custom SQL session startup script of the Oracle
store in order to set the authorizations on database level.
By this way, I must use a basic authentication in each header of Geoserver web
request.
I'd want to know if is it possible to use a NTLM or KERBEROS token in a web
request header what I'll supplied to make the LDAP authentication in Geoserver?
Thanks in advance for your help.
Best regards
Kamardine
________________________________
De : Mauro Bartolomeoli <[email protected]>
Envoyé : mercredi 7 janvier 2015 09:37
À : Kamardine YOUSSOUFA
Cc : [email protected]
Objet : Re: [Geoserver-users] How use impersonation with Geoserver
Hi Kamardine,
I don't think you can directly use the waffle libraries with GeoServer, without
writing some wrapper codes to integrate it with the GeoServer Security system
(I see from the documentation that the libraries include Spring filters, so it
should not be that difficult). Talking about impersonation in particular, I am
curious to know what you need impersonation for, so that I can understand if
there is any way to achieve what you need with GeoServer security.
Mauro
2015-01-05 11:29 GMT+01:00 Kamardine YOUSSOUFA
<[email protected]<mailto:[email protected]>>:
Hi every body,
I want to impersonate Tomcat in order to use the client request user
authentication in Geoserver.
To do it, I installed the Waffle librairies in Tomcat, then I was able to
perform correctly the impersonation with test web application.
In contrast, with Geoserver it doesn't work.
Waffle documentation
(https://github.com/dblock/waffle/blob/master/Docs/ServletSingleSignOnSecurityFilter.md)
indicates :
"Note that there is no mapping between the Windows native threads, under which
the impersonation takes place, and the Java threads. Thus you'll need to use
Windows native APIs to perform impersonated actions. Any action done in Java
will still be performed with the user account running the servlet container."
I want to know, if someone has already use the impersonation with Geoserver by
using Waffle or by an other methode.
My environment is :
* Windows 2008 R2 x64
* Oracle 11g R2 x64
* Geoserver 2.61
* Apache 7.0.47 x64
* Java 1.7
Thanks for your help.
Best regards,
Kamardine
------------------------------------------------------------------------------
Dive into the World of Parallel Programming! The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now.
http://goparallel.sourceforge.net<http://goparallel.sourceforge.net/>
_______________________________________________
Geoserver-users mailing list
[email protected]<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/geoserver-users
------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
_______________________________________________
Geoserver-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
