Hi Clifford
Could you send me your security/rest.properties and the security/config.xml
file.
Cheers
Christian
On Fri, Dec 5, 2014 at 11:43 PM, clifford.harms <clifford.ha...@gmail.com>
wrote:
> Im having trouble getting http digest to work with anything in geoserver
> 2.6.
>
> I've added a digest authentication filter to the REST filter chain and
> removed the anonymous and basic filters. In addition, I've edited the
> rest.properties file to allow the required roles access to the rest paths.
> Using a variety of agents (wget, curl, firefox), I simply cannot
> authenticate to the REST API once all of these are configured. I Inspected
> the header output of the interchange, and geoserver *appears* to be sending
> what is expected wrt to the HTTP digest protocol, and the agents appear to
> be responding back properly, but I'm getting 401 all the same.
>
> I HAVE made changes elsewhere to the security configuration (replaced the
> default admin user with a differently named one, being sure to grant the
> ADMIN role to the new user) but I would not expect this to be an issue.The
> only thing I'm seeing in the debug log output is a message saying that
> AuthenticationCache couldn't find anything, which I would expect having not
> logged in yet.
>
> The only time I can access the rest api with digest authentication
> configured is if I am logged in as the admin user in the web gui, and then
> during that session navigate to the REST api in the browser.
>
> My main goal with this post is to determine if someone is successfully
> running digest authentication against the REST API using geoserver 2.6, so
> that I know whether to continue to look for configuration problems or break
> out the debugger (I've actually starting debugging somewhat, but there is a
> lot going on in the security subsystems, so that is going to take a while).
>
> Interestingly, I could not get digest authentication to work properly in
> 2.2.1 (the version I upgraded from) without manual changes to the security
> configuration xml (some kind of gui issue).
>
> email:
> clifford.harms[at]navy.mil
> clifford.harms[at]gmail.com
>
>
>
> --
> View this message in context:
> http://osgeo-org.1560.x6.nabble.com/Securing-REST-with-http-digest-tp5176711.html
> Sent from the GeoServer - User mailing list archive at Nabble.com.
>
>
> ------------------------------------------------------------------------------
> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
> with Interactivity, Sharing, Native Excel Exports, App Integration & more
> Get technology previously reserved for billion-dollar corporations, FREE
>
> http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
> _______________________________________________
> Geoserver-users mailing list
> Geoserver-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/geoserver-users
>
--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users
