Hi Paolo
First, for WMS requests, solution 2) is recommended. Lets have a look a the
output you included in your last mail trying solution 1).
302 is not an error code, it is an HTTP redirect. The redirect url is
stored in the "location" response header attribute. In your php sample,
the login request is NOT successful and you are redirected to the geoserver
login page. (I am not used to develop in PHP and I cannot give you a hint).
The curl example works well. Login is successful and you are redirected to
the Geoserver start page.
As you can see you always get a 302 response code. I would switch to basic
auth.
Christian
2013/2/21 Paolo Corti <pco...@gmail.com>
> On Thu, Feb 21, 2013 at 9:30 AM, Christian Mueller
> <christian.muel...@os-solutions.at> wrote:
> > Hi Paolo
> >
> > Which GeoServer version are you talking about ?
> >
> > Two possibilities
> >
> > 1) If you authenticate using
> > 'http://myserver/geoserver/j_spring_security_check'
> > you have to send two http parameters in the POST body
> >
> > username: myusername
> > password: mypassword
> >
> > You will receive a cookie which you have to attach to all future
> requests.
> > No basic auth needed.
> >
> > 2) Call the services directly and add the "Authorization" header for
> EACH
> > request. Geoserver does not create a session.
> >
> > Hope that helps
> >
>
> Hi Christian,
>
> thanks so much for the excellent explanation ;)
> I am using GeoServer 2.1-SNAPSHOT, that is what we have in production
> here.
>
> I have been testing the first solution yesterday, before I ended up
> being confused between the two methods.
>
> This is what I did:
>
> from httplib2 import Http
> from urllib import urlencode
> h = Http()
> url = 'http://myserver/geoserver/j_spring_security_check'
> data = dict(username="myuser", password="mypassword")
> gs_resp, gs_content = h.request(url, "POST", urlencode(data) )
>
> ipdb> gs_resp
> {'status': '302', 'content-length': '0', 'set-cookie':
> 'JSESSIONID=A0C2E89C4D82BCAFBF8DD4D8A5621085; Path=/geoserver',
> 'server': 'Apache-Coyote/1.1', 'location':
> '
> http://myserver/web/;jsessionid=A0C2E89C4D82BCAFBF8DD4D8A5621085?wicket:bookmarkablePage=:org.geoserver.web.GeoServerLoginPage&error=true
> ',
> 'date': 'Tue, 19 Feb 2013 17:17:27 GMT', 'content-type': 'text/plain'}
>
> Still a 302 error.
> The cookie is anyway generated:
> JSESSIONID=A5608A92A39E1E1433475AF03FCB616A; path=/geoserver;
> domain=localhost
>
> but If at this point I try to load in the map some secured layer, I
> have no success.
>
> With curl I am experiencing the same 302 error:
>
> $ curl -v --data "username=myuser&password=mypassword"
> http://myserver/geoserver/j_spring_security_check
> * About to connect() to myserver port 80 (#0)
> * Trying 74.3.255.211... connected
> > POST /geoserver/j_spring_security_check HTTP/1.1
> > User-Agent: curl/7.22.0 (i686-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1
> zlib/1.2.3.4 libidn/1.23 librtmp/2.3
> > Host: myserver
> > Accept: */*
> > Content-Length: 32
> > Content-Type: application/x-www-form-urlencoded
> >
> * upload completely sent off: 32out of 32 bytes
> < HTTP/1.1 302 Moved Temporarily
> < Date: Tue, 19 Feb 2013 17:15:14 GMT
> < Server: Apache-Coyote/1.1
> < Location:
> http://myserver/geoserver/;jsessionid=132EC849573AF8BA01210B6306EF85A0
> < Content-Length: 0
> < Set-Cookie: JSESSIONID=132EC849573AF8BA01210B6306EF85A0; Path=/geoserver
> < Content-Type: text/plain
> <
> * Connection #0 to host myserver left intact
> * Closing connection #0
>
> any suggestions?
> thanks in advance
> p
>
> --
> Paolo Corti
> Geospatial software developer
> web: http://www.paolocorti.net
> twitter: @capooti
> skype: capooti
>
------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_feb
_______________________________________________
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users
