The trick with the "remember me" cookie should work. Note that the value of the cookie starts and ends with a double quote, and contains ==. Normally these four characters would be URL escaped (%20, %D3), but then acegi will not accept them. So make sure they're set exactly like you receive them, I think the cookie is just deleted if it's rejected.
Technically, the best practice is probably to write acegi / Spring Security plugins linked to your frontend application. I found it quite challenging though. -Arne On 11/16/10 10:01 PM, Jamie Popkin wrote: > I'm trying to access some secured wms services through basic authentication. > I figured the most secure way to do this was have a cgi script grab the > "remember me" authentication cookie through a local curl request. Then have > that returned to the user and entered as a cookie. > > I've been unsuccessful at getting this to work. Can anyone see a problem > with this set-up? > > What is the best (and proper) way to authenticate with Geoserver and then > access the protected layers. In particular through OpenLayers? It can't seem > to find any examples that work. > > Thanks in advance. > Jamie ------------------------------------------------------------------------------ Beautiful is writing same markup. Internet Explorer 9 supports standards for HTML5, CSS3, SVG 1.1, ECMAScript5, and DOM L2 & L3. Spend less time writing and rewriting code and more time creating great experiences on the web. Be a part of the beta today http://p.sf.net/sfu/msIE9-sfdev2dev _______________________________________________ Geoserver-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-users
