Hi The GeoServer 2.2.x security subsystem allows proxy authentication. Is it possible for you to add a http header attribute with the user name (password is NOT required)
Christian Zitat von cheesybiscuits <[email protected]>: > I think I have a legitimate reason to ask the same question so hopefully > there is an easy way to do this. > > I'm writing a .NET application that uses GeoServer and relies on Windows > Authentication. I need to use GeoServer's role-based security but I can't > ask the user to login using a GeoServer account after they've just logged in > with a Windows account. > > My planned approach: > - Use IIS reverse proxy URL rewrites so that > http://dot.net.application/geoserver routes me through to Tomcat, removing > any cross-domain issues (because now my .NET application and GeoServer > appear on the same domain) > - .NET landing page uses Windows Authentication to verify identify > - .NET requests a new session from GeoServer (this is the bit I'm currently > interested in) > - Based on the Windows user's group .NET logs in to GeoServer with a known > username / password combination with appropriate permissions for that > Windows User Group (by posting to j_spring_security_check) > - Once logged-in .NET passes the GeoServer JSESSIONID cookie back to the > browser, so that the browser can hit http://.../geoserver as an > authenticated GeoServer user (due to the proxy approach this is not a > third-party cookie) > > Providing authentication details in each request to GeoServer in an auth > header isn't an option because I don't want to send the encoded user / pass > combination out to the browser > > If this sounds overly complex and there is a better approach I'd love to > hear about it. If not then currently I have to request > http://.../geoserver/web before GeoServer provides a new JSESSIONID. I'd > like an easier way of getting it if possible > > -- > View this message in context: > http://osgeo-org.1560.n6.nabble.com/Getting-JSESSIONID-whithout-authentication-tp3795976p4983783.html > Sent from the GeoServer - User mailing list archive at Nabble.com. > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > Geoserver-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/geoserver-users > ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Geoserver-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-users
