Thanks Christian,
What I am currently have for Geoserver 2.0 is re-using a Tomcat JDBCRealm
database, which has tables 'users' and 'user_roles'.
I edited geoserver's applicationSecurityContext.xml to
replace the default GeoserverUserDao bean with a JdbcDaoImpl bean.
This meant I could not use the geoserver interface to edit these
users and roles, but that was no big deal.
I don't really fancy writing my own authentication provider for
Geoserver 2.4, so I will have to rethink how to integrate
the display of geoserver services with our internal Tomcat apps, and
investigate
how to pass authentication automatically as part of a request from
a java servlet, rather than let geoserver prompt for username/password.
Any pointers on this alternative?
Regards,
Chris
On 01/10/2013 09:37, Christian Mueller wrote:
Hi Chris
Not sure how your authentication schema works.
There is a JDBC connection provider
http://docs.geoserver.org/stable/en/user/security/auth/providers.html
authenticating a user using a jdbc connect.
If you have a table with user name + md5 hash, you need to develop
your own authentication provider.
You should hava a look at class
org.geoserver.security.jdbc.JDBCConnectAuthProvider
You can inject your authentication provider by creating your own community
module. Unfortunately, until now, there is no documentation in the developers
guide. Maybe I can assist.
Cheers
Christian
On Mon, Sep 30, 2013 at 3:28 PM, Chris Morgan <[email protected]
<mailto:[email protected]>> wrote:
Hello everyone,
I've been away from the geoserver community for a while,
but I am back now looking to upgrade our working Geoserver
installation.
We have a working geoserver V2.0 installation, which
uses a shared JDBC database containing MD5 password hashes
for authentication - I managed to get geoserver to recognise
this instead of the old plain text users.properties file by manually
editing applicationSecurityContext.xml to add new
userDetailsService and dataSource beans.
I would now like to use this same user database with the
current version of Geoserver, but I see that the comprehensive
new authentication framework has completely skipped past
MD5 password hashing!
Is there any way to get Geoserver V2.4 to
use a user/group service with simple MD5 password hashes instead
of the PBE or SHA algorithms used by default?
Thanks,
Chris
------------------------------------------------------------
Lynx Information Systems Ltd
93-99 Upper Richmond Rd
London SW15 2TG
United Kingdom
Web: http://www.lynxinfo.co.uk
Email: [email protected] <mailto:[email protected]>
Tel: +44 (0)20 8780 2634 <tel:%2B44%20%280%2920%208780%202634>
Fax: +44 (0)20 8780 0931 <tel:%2B44%20%280%2920%208780%200931>
Registered in England Number 2454130
VAT Number GB 561 8979 88
Incoming and outgoing emails are checked for viruses
by Sophos AntiVirus.
This email may contain confidential information which is
intended for the named recipient(s) only. If you are
not the named recipient you should not take any action in
relation to this email, other than to notify us that you
have received it in error.
------------------------------------------------------------
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get
the most from
the latest Intel processors and coprocessors. See abstracts and
register >
http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk
_______________________________________________
Geoserver-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/geoserver-users
--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH
------------------------------------------------------------
Lynx Information Systems Ltd
93-99 Upper Richmond Rd
London SW15 2TG
United Kingdom
Web: http://www.lynxinfo.co.uk
Email: [email protected]
Tel: +44 (0)20 8780 2634
Fax: +44 (0)20 8780 0931
Registered in England Number 2454130
VAT Number GB 561 8979 88
Incoming and outgoing emails are checked for viruses
by Sophos AntiVirus.
This email may contain confidential information which is
intended for the named recipient(s) only. If you are
not the named recipient you should not take any action in
relation to this email, other than to notify us that you
have received it in error.
------------------------------------------------------------
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60134791&iu=/4140/ostg.clktrk
_______________________________________________
Geoserver-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
