Im having trouble getting http digest to work with anything in geoserver 2.6.
I've added a digest authentication filter to the REST filter chain and removed the anonymous and basic filters. In addition, I've edited the rest.properties file to allow the required roles access to the rest paths. Using a variety of agents (wget, curl, firefox), I simply cannot authenticate to the REST API once all of these are configured. I Inspected the header output of the interchange, and geoserver *appears* to be sending what is expected wrt to the HTTP digest protocol, and the agents appear to be responding back properly, but I'm getting 401 all the same. I HAVE made changes elsewhere to the security configuration (replaced the default admin user with a differently named one, being sure to grant the ADMIN role to the new user) but I would not expect this to be an issue.The only thing I'm seeing in the debug log output is a message saying that AuthenticationCache couldn't find anything, which I would expect having not logged in yet. The only time I can access the rest api with digest authentication configured is if I am logged in as the admin user in the web gui, and then during that session navigate to the REST api in the browser. My main goal with this post is to determine if someone is successfully running digest authentication against the REST API using geoserver 2.6, so that I know whether to continue to look for configuration problems or break out the debugger (I've actually starting debugging somewhat, but there is a lot going on in the security subsystems, so that is going to take a while). Interestingly, I could not get digest authentication to work properly in 2.2.1 (the version I upgraded from) without manual changes to the security configuration xml (some kind of gui issue). email: clifford.harms[at]navy.mil clifford.harms[at]gmail.com -- View this message in context: http://osgeo-org.1560.x6.nabble.com/Securing-REST-with-http-digest-tp5176711.html Sent from the GeoServer - User mailing list archive at Nabble.com. ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk _______________________________________________ Geoserver-users mailing list Geoserver-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-users
