Thanks Graham, much appreciated. I am having some issues with the ajax solution. It does authenticate but I believe perhaps at the webserver level because after the authentication the credentials are cashed and I can see layers after re-staring the browser and also from another work station. After further reading I think I should be using REST for this instead. Eric, sorry to hijack your question. Vera
On Mon, Apr 15, 2019 at 4:09 PM Humphries, Graham (StateGrowth) < graham.humphr...@stategrowth.tas.gov.au> wrote: > Hi Vera, > > > > To allow CORS in Tomcat add the following to the bottom of the web.xml > file in the $TOMCAT_HOME/conf directory > > <filter> > > <filter-name>CorsFilter</filter-name> > > > <filter-class>org.apache.catalina.filters.CorsFilter</filter-class> > > <init-param> > > <param-name>cors.allowed.origins</param-name> > > <param-value>*</param-value> > > </init-param> > > </filter> > > <filter-mapping> > > <filter-name>CorsFilter</filter-name> > > <url-pattern>/*</url-pattern> > > </filter-mapping> > > > > Hope this helps. > > > > Graham > > > > *From:* Vera Green [mailto:vera.green...@gmail.com] > *Sent:* Tuesday, 16 April 2019 7:25 AM > *To:* Eric Plassot <e.plas...@laposte.net> > *Cc:* GeoServer Mailing List List <geoserver-users@lists.sourceforge.net> > *Subject:* Re: [Geoserver-users] Authenticate WFS-T > > > > I managed to get the authentication to work as well. Perhaps you could > share how you did it for future reference. > > From leaflet I used ajax as per one of the links I provided: > > > > //this option uses the leaflet.wms.js plugin: > https://github.com/heigeo/leaflet.wms > > > > var options_l = {'transparent': true,'tiled': > true,'format': 'image/png'}; > > var source_l = L.WMS.source(" > https://your_server:8080/geoserver/wms?";, options_l); > > > > var myLayer = source_l.getLayer(' myLayer ');// Get > the layer > > // myLayer .addTo(map); //Optionally add the layer to > the map > > layerControl.addOverlay( myLayer, " My Layer "); > //Optionally add the layer to the layer control - object must exist. > > > > // Assuming myLayer **WITHOUT** user:pass in the url > > // The result is that when the request is first made a login window is > initiated allowing the user to authenticate into GeoServer. > > /* > > $.ajax({ > > url: myLayer.url, > > data: myLayer.params, > > method: 'GET', > > error: function(jqXHR, textStatus, errorThrown){ > > // Handle not authorised here > > alert("Could not authorise!"); > > }, > > success: function(){ > > alert("Authorised!"); > > // Yuppieeeeee! > > //map.addLayer(myLayer); // The browser will > set up the > > // authentication in the > request for you > > } > > > > }); */ > > > > I am not certain exactly how this functions because after the initial > login the credentials seam to be saved somewhere even when the page is > reloaded and even when the browser is re-started. I would like to > understand where the credentials are stored. > > > > Now I am trying to enable CORES on tomcat as the next issue is a "No > 'Access-Control-Allow-Origin' header is present on the requested resource." > error. > > https://server.boundlessgeo.com/docs/latest/sysadmin/cors/index.html > > > > Cheers, > Vera > > > > On Mon, Apr 15, 2019 at 2:56 PM Eric Plassot <e.plas...@laposte.net> > wrote: > > hello > I finally managed to authenticate myself > now it's the content of the query that does not pass : > org.geoserver.wfs.WFSException: Error performing insert: Error inserting > features > Yet I try to replicate the examples > > Le 15/04/2019 à 00:05, Vera Green a écrit : > > I have the same problem with leaflet and WMS. Same setup with data in > postgreSQL, basic authentication and the Catalog Mode set to Challenge > which I have read is required. > > This related post suggest the authentication should be "handled > automatically" but this does not occur: > > > https://gis.stackexchange.com/questions/227553/geoserver-rest-authentication-form > <https://gis.stackexchange.com/questions/227553/geoserver-rest-authentication-form> > > this post suggests using the fetch API although personally I was not able > to implement this: > > > https://gis.stackexchange.com/questions/284954/how-to-authenticate-wfs-requests-being-made-to-geoserver-through-openlayers-appl/285069 > > This post is also related: > > > https://stackoverflow.com/questions/51758817/how-to-authorize-accessing-the-geoserver-layers > > And then there is also this post: > > > https://gis.stackexchange.com/questions/86790/authentication-in-geoserver-2-4-x-from-a-web-application/97448#97448 > > Despite of this I am still unable to establish the link between GeoServer > and Leaflet receiving the 401 error. Note that if I am already logged into > GeoSever then the WMS layer works fine, therefore I am confident that > establishing JavaScript or ajax based method to authenticate the user into > GeoServer at the beginning of the session is the solution. However I am > still unsure about how to do this. > > Vera > > On Sun, Apr 14, 2019, 1:36 PM Eric Plassot via Geoserver-users < > geoserver-users@lists.sourceforge.net> wrote: > > Hello > I have a layer cite: administration that is linked to a POSTGRESQL > database and I can not configure a wfs-t authentication. My query in > openlayers always gives error 401 and in geoserver log 'Failed login' > The request is > <wfs: Transaction service = "WFS" version = "1.1.0" xmlns: wfs = > "http://www.opengis.net/wfs"; <http://www.opengis.net/wfs> xmlns: cite = > "http://www.opengeospatial.net/cite"; <http://www.opengeospatial.net/cite> > xmlns: gml = "http://www.opengis.net/gml"; <http://www.opengis.net/gml> > xmlns: xsi = "http://www.w3.org/2001/XMLSchema-instance"; > <http://www.w3.org/2001/XMLSchema-instance> xsi: schemaLocation = "http: > //www.opengis .net / wfs > http://schemas.opengis.net/wfs/1.1.0/WFS-transaction.xsd > http://www.opengeospatial.net/cite http://ip_adress:8080/geoserver/wfs/ > DescribeFeatureType? Typename = cite: administration "> <wfs: Insert> > <cite: administration> <cite: geom> <gml: MultiSurface xmlns =" > http://www.opengis.net/gml "srsName =" EPSG: 2154 " <gml: surfaceMember> > <gml: Polygon srsName = "EPSG: 2154"> <gml: exterior> <gml: LinearRing > srsName = "EPSG: 2154"> <gml: posList srsDimension = "2"> 793236.2285561005 > 5401066.196149358 793193.2327276901 5400993.3421067735 793272.0584131093 > 5400974.232849702 793300.7222987162 5401037.532263751 793236.2285561005 > 5401066.196149358 </ gml: posList> </ gml: LinearRing> </ gml: exterior> </ > gml: Polygon> </ gml: surfaceMember> </ gml: MultiSurface> < / cite: geom> > </ cite: Body> </ wfs: insert> </ wfs: Transaction> > > and in openlayers I try: > var headers = new Headers ({ > 'Authorization': 'Basic' + btoa (username + ':' + password), > 'Content-Type': 'application / x-www-form-urlencoded' > }) > fetch ( 'http: // ip_adress: 8080 / geoserver / wfs', { > method: 'POST', > headers: headers, > body: request > }). then (function (response) { > return response.text (); > }). then (function (text) { > var result = text; > console.log ( 'result -------------------------------------------- ------ > ', result) > }); > > I set up a user group > I tried to put a data access rule for this layer - cite.administration.w - > but > it does not memorize. Even with reading the geoserver manual 2.15 I can > not do it. > Can you help me please ? > > _______________________________________________ > Geoserver-users mailing list > > Please make sure you read the following two resources before posting to > this list: > - Earning your support instead of buying it, but Ian Turton: > http://www.ianturton.com/talks/foss4g.html#/ > - The GeoServer user list posting guidelines: > http://geoserver.org/comm/userlist-guidelines.html > > If you want to request a feature or an improvement, also see this: > https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer > > > Geoserver-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/geoserver-users > > > ------------------------------ > > CONFIDENTIALITY NOTICE AND DISCLAIMER > The information in this transmission may be confidential and/or protected > by legal professional privilege, and is intended only for the person or > persons to whom it is addressed. If you are not such a person, you are > warned that any disclosure, copying or dissemination of the information is > unauthorised. If you have received the transmission in error, please > immediately contact this office by telephone, fax or email, to inform us of > the error and to enable arrangements to be made for the destruction of the > transmission, or its return at our cost. No liability is accepted for any > unauthorised use of the information contained in this transmission. >
_______________________________________________ Geoserver-users mailing list Please make sure you read the following two resources before posting to this list: - Earning your support instead of buying it, but Ian Turton: http://www.ianturton.com/talks/foss4g.html#/ - The GeoServer user list posting guidelines: http://geoserver.org/comm/userlist-guidelines.html If you want to request a feature or an improvement, also see this: https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer Geoserver-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-users
