Hi all, I am having some problems configuring Geoserver 2.4 to use J2EE authentication. I have a mix of public and private layers that I am serving from Geoserver.
I have upgraded from Geoserver 2.0 to 2.4.0, and followed the instructions here http://docs.geoserver.org/stable/en/user/security/tutorials/j2ee/index.html (with help from Christian Mueller a week ago), and I can now log in to the Geoserver web GUI as an admin and use Layer Preview to view layers successfully. However, I cannot ONLY access the layers within the layer preview. A direct URL link to (say) the Open Layers web map, or a KML network link in Google Earth for a public layer (anonymous access allowed) will continuously prompt for a geoserver realm username and password. Similarly for private layers - the username and password are never accepted (although the same username/password allows me to login to the web GUI and use layer preview to view the layer). This is my addition to the web.xml config file: <security-constraint> <web-resource-collection> <url-pattern>/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <role-name>GEOSERVER_ADMIN</role-name> <role-name>GEOSERVER_USER</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> </login-config> In the admin GUI, I added a J2EE authentication filter, added J2EE to the web filter chain (rememberme,j2ee,anonymous), defined the GEOSERVER_ADMIN and GEOSERVER_USER roles in Users,Groups,Roles-Roles and then defined GEOSERVER_ADMIN as the administrator role. I am obviously doing something wrong, or missing a fundamental step - any suggestions? Thanks, Chris ------------------------------------------------------------ Lynx Information Systems Ltd 93-99 Upper Richmond Rd London SW15 2TG United Kingdom Web: http://www.lynxinfo.co.uk Email: [email protected] Tel: +44 (0)20 8780 2634 Fax: +44 (0)20 8780 0931 Registered in England Number 2454130 VAT Number GB 561 8979 88 Incoming and outgoing emails are checked for viruses by Sophos AntiVirus. This email may contain confidential information which is intended for the named recipient(s) only. If you are not the named recipient you should not take any action in relation to this email, other than to notify us that you have received it in error. ------------------------------------------------------------ ------------------------------------------------------------------------------ Android is increasing in popularity, but the open development platform that developers love is also attractive to malware creators. Download this white paper to learn more about secure code signing practices that can help keep Android apps secure. http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk _______________________________________________ Geoserver-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-users
