Le 2012-11-07 16:30, Landry Breuil a écrit : > On 11/07/12 16:18, christian.muel...@nvoe.at wrote:
Hi christian, and thank you very much for your (and the community) works on the auth subsystem, allowing us to use an unpatched GS in geOrchestra. >> You have a relationship of trust between the proxy and GeoServer. If >> the >> proxy send the header sec-uname the principal is considered as >> authenticated and the role ROLE_AUTHENTICATED is assigned. If you >> send >> sec-uname:anonymous the anonymous user is handled as any other user. OK, Landry, I didn't catch the point with anonymousUser but you're right, the secproxy has to make sure that anon users are not ROLE_AUTHENTICATED. I agree, we have to send an empty header. > With that, i correctly get 401 codes when unauthenticated and trying > to access a protected layer behind my proxy Good point ! And thanks for your tests. ------------------------------------------------------------------------------ LogMeIn Central: Instant, anywhere, Remote PC access and management. Stay in control, update software, and manage PCs from one command center Diagnose problems and improve visibility into emerging IT issues Automate, monitor and manage. Do more in less time with Central http://p.sf.net/sfu/logmein12331_d2d _______________________________________________ Geoserver-users mailing list Geoserver-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-users