Hi Joerg,
I am afraid it's not working because Cocoon is running on the localhost
and wms-server on a virtual host which can't be accessed using localhost
or 127.0.0.1. I am planning of adding these "secure" wms-servers into
other virtual hosts which each have their own subdomain.domain.net
address. To my knowledge, it's the only reasonable way of separate
Geoservers datasets from each other so that users will have access only
for their own data.
On the other hand I need Cocoon for document production and that
instance can be common. As far as I know, there is no point of deploying
multiple Cocoon on the same host. It just doesn't work.
So this seems to be much of a TomCat issue. But I don't know is that
user:[EMAIL PROTECTED] approach so bad after all. I just have to make
sure that nobody can't access that xsl. Security level demand in this
application is quite low.
cheers
mika
Joerg Heinicke kirjoitti:
If I understand it correctly you have two independent web applications
in the same Tomcat instance. Couldn't you stay "inside" the secure
area so that you don't need to authenticate from Cocoon when accessing
the WMS server? I think you can check if the accessed URL was
localhost or 127.0.0.1.
Joerg
On 14.02.2008 12:44, Lehtonen, Mika wrote:
I did a quick and dirty solution: I add
src="http://user:[EMAIL PROTECTED]" to my fo:external-graphics
tag. Just for the testing.
Any better ideas?
Are there any way to build something to sitemap, which would do the
trick? The user has just logged into the GeoServer so there must be
some way to forward authentication info into cocoon and pass it back
to Geoserver. Sounds stupid. Am I doing this too complicated?
reg. mika
Lehtonen, Mika kirjoitti:
Hi,
Cocoon 2.1.11 / TomCat 6.0.14
Cocoon is running in "main" host and wms-server (GeoServer) in
another virtual host. Cocoon gets rasterdata from wms and renders it
into pdf. So there is fo:external-graphics tag in the xsl, which has
a wms-request as a src attribute.
Everything works fine until I add authentication (openLDAP + JNDI)
into wms-server. Cocoon can't get the data anymore, because it can't
authenticate itself.
Have anybody any idea how to solve this? It might be as much a
TomCat issue, but I believe there are lots of TomCat experts round
here too. I tried SingleSignOn valve in Tomcat but I guess it works
only among the applications under same virtual host.
- mika -
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]