On Wed, May 24, 2017 at 3:05 PM, Dr. Marco Lechner <[email protected]> wrote:
> Hi,
>
> we are running a trestinstance of Geoserver behind an apache proxy. The
> apache proxy is configured to use simple basic auth with static
> user:password credentials. the service of the workspace protected that
> way is accesible without any credentials. If I try to access the service
> through the proxy i succesfully authenticate at the apache proxy but a
> second password window appears from "Geoserver Realm". So Geoserver
> seems to ask for credentials even the requested URL the proxy is
> pointing at should be requestable without that.
>
> Not sure about what happens here. Could it be that Geoservers sees the
> authentication and tries to use it (even it is not necessary for the
> requested url) but can not use it succesfully?
>
Indeed
>
> How to overcome this?
>
> http://foo:8008/geoserver/bar/wfs?service=wfs&request=getCapabilities ->
> 200
>
> https://proxy/geoserver-bar/wfs?service=wfs&request=getCapabilities ->
> jumping between "apache basic auth" and "Geoserver Realm authentication"
>
> Proxy-Chain-Auth is set Off.
>
Apache should be removing the header... I am not an Apache expert, someone
else really needs to follow up, but a quick search turned out this, is it
useful?
https://stackoverflow.com/questions/4428903/remove-basic-authentication-header-with-apache-mod-proxy
Cheers
Andrea
--
==
GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.
==
Ing. Andrea Aime
@geowolf
Technical Lead
GeoSolutions S.A.S.
Via di Montramito 3/A
55054 Massarosa (LU)
phone: +39 0584 962313 <+39%200584%20962313>
fax: +39 0584 1660272 <+39%200584%20166%200272>
mob: +39 339 8844549 <+39%20339%20884%204549>
http://www.geo-solutions.it
http://twitter.com/geosolutions_it
*AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*
Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
loro utilizzo è consentito esclusivamente al destinatario del messaggio,
per le finalità indicate nel messaggio stesso. Qualora riceviate questo
messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
darcene notizia via e-mail e di procedere alla distruzione del messaggio
stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
utilizzarlo per finalità diverse, costituisce comportamento contrario ai
principi dettati dal D.Lgs. 196/2003.
The information in this message and/or attachments, is intended solely for
the attention and use of the named addressee(s) and may be confidential or
proprietary in nature or covered by the provisions of privacy act
(Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
Code).Any use not in accord with its purpose, any disclosure, reproduction,
copying, distribution, or either dissemination, either whole or partial, is
strictly forbidden except previous formal approval of the named
addressee(s). If you are not the intended recipient, please contact
immediately the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error. The sender
does not give any warranty or accept liability as the content, accuracy or
completeness of sent messages and accepts no responsibility for changes
made after they were sent or for other risks which arise as a result of
e-mail transmission, viruses, etc.
-------------------------------------------------------
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Geoserver-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
