Re: [Geoserver-devel] GWC-page shown instead of redirect to geoserver/web when using Geofence-extension
On Saturday, 25 March 2023 12:22:42 AM AEDT Biskup, Paul wrote: > thanks for your response. Good to know. Maybe this should be documented in > the Geofence-extension docs. Hi Paul, You can easily add documentation - each page has an "Edit" link on the right sidebar which will take you to a Github online editor. Brad ___ Geoserver-devel mailing list Geoserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-devel
[Geoserver-devel] [JIRA] (GEOS-10906) Authentication not sent if connection pooling activated
Pierre Mauduit ( https://osgeo-org.atlassian.net/secure/ViewProfile.jspa?accountId=557058%3A585344fb-ece9-47e9-8382-30cea0b98063 ) *created* an issue GeoServer ( https://osgeo-org.atlassian.net/browse/GEOS?atlOrigin=eyJpIjoiYjNjN2QxNzJlODAwNDY3NDhlMTJjZTlmYTkwODlkM2EiLCJwIjoiaiJ9 ) / Bug ( https://osgeo-org.atlassian.net/browse/GEOS-10906?atlOrigin=eyJpIjoiYjNjN2QxNzJlODAwNDY3NDhlMTJjZTlmYTkwODlkM2EiLCJwIjoiaiJ9 ) GEOS-10906 ( https://osgeo-org.atlassian.net/browse/GEOS-10906?atlOrigin=eyJpIjoiYjNjN2QxNzJlODAwNDY3NDhlMTJjZTlmYTkwODlkM2EiLCJwIjoiaiJ9 ) Authentication not sent if connection pooling activated ( https://osgeo-org.atlassian.net/browse/GEOS-10906?atlOrigin=eyJpIjoiYjNjN2QxNzJlODAwNDY3NDhlMTJjZTlmYTkwODlkM2EiLCJwIjoiaiJ9 ) Issue Type: Bug Affects Versions: 2.22.2 Assignee: Unassigned Components: WMS Created: 24/Mar/23 3:33 PM Environment: Runtime tested into the ` docker.osgeo.org/geoserver:2.22.2 ( http://docker.osgeo.org/geoserver:2.22.2 ) ` docker image Priority: Medium Reporter: Pierre Mauduit ( https://osgeo-org.atlassian.net/secure/ViewProfile.jspa?accountId=557058%3A585344fb-ece9-47e9-8382-30cea0b98063 ) It seems that when trying to access a secured remote WMS with connection pooling activated, the basic-authentication is not sent. Indeed, while trying to add a Cascaded WMS datastore configured onto a protected WMS, along with a correct basic authentication, I got the following stacktrace server-side: {code} 24 Mar 14:10:42 INFO [ geoserver.web ( http://geoserver.web ) ] - Getting list of layers for the WMS store https://protected-wms/mapproxy/service? ( https://gdi.telekom.de/mapproxy/service? ) java.lang.RuntimeException: Could not list layers for this store, an error occurred retrieving them: null at org.geoserver.web.data.layer.NewLayerPageProvider.getItemsInternal(NewLayerPageProvider.java:181) at org.geoserver.web.data.layer.NewLayerPageProvider.getItems(NewLayerPageProvider.java:60) at org.geoserver.web.wicket.GeoServerDataProvider.getFilteredItems(GeoServerDataProvider.java:190) at org.geoserver.web.data.layer.NewLayerPageProvider.getFilteredItems(NewLayerPageProvider.java:197) at org.geoserver.web.wicket.GeoServerDataProvider.size(GeoServerDataProvider.java:208) at org.geoserver.web.wicket.GeoServerTablePanel$PagerDelegate.updateMatched(GeoServerTablePanel.java:662) at org.geoserver.web.wicket.GeoServerTablePanel$PagerDelegate.(GeoServerTablePanel.java:657) at org.geoserver.web.wicket.GeoServerTablePanel.(GeoServerTablePanel.java:236) at org.geoserver.web.wicket.GeoServerTablePanel.(GeoServerTablePanel.java:105) at org.geoserver.web.data.layer.NewLayerPage$1.(NewLayerPage.java:111) at org.geoserver.web.data.layer.NewLayerPage.(NewLayerPage.java:110) at org.geoserver.web.data.store.WMSStoreNewPage.onSave(WMSStoreNewPage.java:88) at org.geoserver.web.data.store.AbstractWMSStorePage$2.onSubmit(AbstractWMSStorePage.java:212) at org.apache.wicket.ajax.markup.html.form.AjaxSubmitLink$1.onSubmit(AjaxSubmitLink.java:111) […] Caused by: java.io.IOException at org.geoserver.catalog.ResourcePool.getWebMapServer(ResourcePool.java:1869) at org.geoserver.catalog.impl.WMSStoreInfoImpl.getWebMapServer(WMSStoreInfoImpl.java:104) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at org.geoserver.catalog.impl.ModificationProxy.invoke(ModificationProxy.java:144) at com.sun.proxy.$Proxy126.getWebMapServer(Unknown Source) at org.geoserver.web.data.layer.NewLayerPageProvider.getItemsInternal(NewLayerPageProvider.java:141) ... 138 more Caused by: org.geotools.ows.ServiceException: Error while parsing XML. org.xml.sax.SAXParseException; lineNumber: 28; columnNumber: 3; The element type "meta" must be terminated by the matching end-tag "". at org.geotools.ows.wms.response.WMSGetCapabilitiesResponse.(WMSGetCapabilitiesResponse.java:58) at org.geotools.ows.wms.WMS1_0_0$GetCapsRequest.createResponse(WMS1_0_0.java:230) at org.geotools.data.ows.AbstractOpenWebService.internalIssueRequest(AbstractOpenWebService.java:461) at org.geotools.ows.wms.WebMapServer.issueRequest(WebMapServer.java:450) at org.geotools.data.ows.AbstractOpenWebService.negotiateVersion(AbstractOpenWebService.java:287) at org.geotools.data.ows.AbstractOpenWebService.(AbstractOpenWebService.java:124) at org.geotools.data.ows.AbstractOpenWebService.(AbstractOpenWebService.java:97) at org.geotools.ows.wms.WebMapServer.(WebMapServer.java:405) at org.geoserver.catalog.ResourcePool.createWebMapServer(ResourcePool.java:1886) at org.geoserver.catalog.ResourcePool.getWebMapServer(ResourcePool.java:1857) ... 146 more Caused by: org.xml.sax.SAXParseException; lineNumber: 28; columnNumber: 3; The element
Re: [Geoserver-devel] Spring upgrade
Hi Peter, had a quick look using the built-in Jetty container... I cannot reproduce the issue, the viewer is always fast. Debugging, I've set breakspoints in the Jetty Response objects dealing with headers, I've observed the following: - GZIPResponseWrapper/AlternativesResponseStream is holding onto an eventual content-length attribute, by overriding all methods that allowing setting one (addHeader, setHeader, addIntHeader, setIntHeader). - It eventually calls the response.setContentLength only if the mime type is found to be non compressible, otherwise, the header won't be set. I could think that maybe a newer version of the Servlet API has other ways to set the header... I cannot find any straight method there, but this one caught my eye, and it's available only in Servlet 4: https://javadoc.io/static/javax.servlet/javax.servlet-api/4.0.1/javax/servlet/http/HttpServletResponse.html#setTrailerFields-java.util.function.Supplier- That allows setting headers at the end of response, Content-lenght seems like it would be a good candidate for it. Now, GeoServer uses Servlet 3.1 where that method is not available, but if you were to deploy GeoServer in Tomcat 10 with the automatic on the fly servlet API transformation (not recommended!) then I can see how that would escape the current management. Either that, or I've missed places where the content-length can be set, in general, if there is a method that escapes the wrapping, that would cause the header to be set while compression is activated. Just thinking out loud, mind!! Cheers Andrea On Thu, Mar 23, 2023 at 7:22 PM Peter Rushforth wrote: > Hi Andrea, > > yep, it's really odd. It seems that no matter what I do to the GZIPFilter > and it's components, the Content-Length header gets set, and committed, > outside of the actions of the filter itself. Also, although the web.xml > pattern for text/.* should match the text/mapml media type, and I do see it > enter the filter, what gets received by the client is not encoded. All of > this only happens, as far as I can tell, in URLs within the > /geoserver/mapml controller paths. Outside that, as you noticed, the > gzipping works / doesn't work as specified by the filter config in web.xml. > > I have to give up the chase at this point, because I'm out of ideas and > time. I will make an amendment to the user guide that notes to users that > they must remove the gzip filter from web.xml if they want to use the > extension. Eventually I'm certain more information will arrive and I'll be > able to fix it. > > Thanks for your help!! > Peter > > On Thu, Mar 23, 2023 at 5:00 AM Andrea Aime < > andrea.a...@geosolutionsgroup.com> wrote: > >> Hi Peter, >> it's odd, we have other parts of GeoServer that return HTML out of Spring >> MVC controllers without setting >> the content-length, e.g.: >> >> >> https://gs-main.geosolutionsgroup.com/geoserver/ogc/features/v1/collections?f=text%2Fhtml >> >> It is HTML, gzip compressed, and yet does not have a content-length >> header. Same goes for the administrative >> REST API (I don't have a link for that one, for obvious reasons). >> >> Checking the controllers set up, the only difference I see is that the >> MapML ones have the CrossOrigin annotation, >> but that seems unrelated... >> >> Cheers >> Andrea >> >> On Thu, Mar 23, 2023 at 4:47 AM Peter Rushforth < >> peter.rushfo...@gmail.com> wrote: >> >>> I have isolated the problem to text/.* Content-types, but only as these >>> apply to the /geoserver/mapml/ controller; /geoserver/openlayers/*.css or >>> text/html responses are not affected by the following problem: >>> >>> some part of the call stack is setting the Content-length header to the >>> size of the ungzipped response. As a result, the client is waiting for the >>> keep-alive timeout value (20 seconds) then closing and rendering the >>> response. >>> >>> I can't figure out how to prevent the header from being set, even by >>> commenting out the many places in the GZIPResponseWrapper where it may be >>> set. It gets set outside the call into the GZIPFilter. >>> >>> Nor can I figure out how to set the header value to the correct figure >>> which would be the size of the compressed response. >>> >>> I can operationally work around this by not compressing HTML and CSs, >>> but it will bug me, and be trouble for users. >>> >>> I will continue to try to find a fix. >>> >>> Cheers >>> Peter >>> >>> On Tue, Mar 21, 2023, 5:13 a.m. Andrea Aime < >>> andrea.a...@geosolutionsgroup.com> wrote: >>> If that's the case, then the changes to GSIPResponseOutputStream might be the cause? But I don't see how: https://github.com/geoserver/geoserver/pull/6515/files#diff-40e2171fa39da85e5fd855ddfab206e350b990149834a4f16c1e64e0ee72cb24 The upgrade of Spring version required an update to the servet api itself, which caused the two extra methods to be added. Maybe there is some behavioral change there? I've also grepped
Re: [Geoserver-devel] GSIP-217 Sibling repository for GeoServer ACL project
+1 On Thu, Mar 23, 2023 at 6:59 PM Ian Turton wrote: > +1 > > On Tue, 21 Mar 2023, 13:23 Gabriel Roldan, > wrote: > >> Hi all, >> >> as discussed in the "GSIP-216 GeoFence 4.0.x" email thread, I've created >> a new GSIP to request hosting the GeoFence fork, called GeoServer ACL, as a >> sibling project to GeoServer, GeoFence, and GeoServer Cloud, under the >> /geoserver Github organization. >> >> Please see https://github.com/geoserver/geoserver/wiki/GSIP-217 for >> details, comment back and vote. >> >> Best regards, >> Gabriel. >> *camptocamp* >> INNOVATIVE SOLUTIONS >> BY OPEN SOURCE EXPERTS >> >> *Gabriel Roldan* >> Geospatial Developer >> >> ___ >> Geoserver-devel mailing list >> Geoserver-devel@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/geoserver-devel >> > ___ > Geoserver-devel mailing list > Geoserver-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/geoserver-devel > -- Regards, Nuno Oliveira == GeoServer Professional Services from the experts! Visit http://bit.ly/gs-services-us for more information. == Nuno Miguel Carvalho Oliveira @nmcoliveira Technical Lead / Project Manager GeoSolutions Group phone: +39 0584 962313 fax: +39 0584 1660272 https://www.geosolutionsgroup.com/ http://twitter.com/geosolutions_it --- Con riferimento alla normativa sul trattamento dei dati personali (Reg. UE 2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si precisa che ogni circostanza inerente alla presente email (il suo contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra operazione è illecita. Le sarei comunque grato se potesse darmene notizia. This email is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential or otherwise protected from disclosure. We remind that - as provided by European Regulation 2016/679 “GDPR” - copying, dissemination or use of this e-mail or the information herein by anyone other than the intended recipient is prohibited. If you have received this email by mistake, please notify us immediately by telephone or e-mail. ___ Geoserver-devel mailing list Geoserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-devel