Re: [Geoserver-users] Getting Http 400 bad request in Geoserver-UI

2020-04-21 Thread sulu
Ok. Got it.

One has to add a whitelist for CSRF protection in
[Path-to-Geoserver]geoserver/WEB-INF/web.xml

e.g.

<context-param>
  <param-name>GEOSERVER_CSRF_WHITELIST</param-name>
  <param-value>someserver.xx.yy.zz</param-value>
</context-param>

--
Sent from: http://osgeo-org.1560.x6.nabble.com/GeoServer-User-f3786390.html


___
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this 
list:
- Earning your support instead of buying it, but Ian Turton: 
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines: 
http://geoserver.org/comm/userlist-guidelines.html

If you want to request a feature or an improvement, also see this: 
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer


Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users


Re: [Geoserver-users] Getting Http 400 bad request in Geoserver-UI

2020-04-21 Thread sulu
vfonseca.

Interesting idea. But we have Geonetwork running on the same Tomcat and it
doesn't show any Code 400.
I think it has something to do with Geoserver-Config.

After turning off GEOSERVER_CSRF_Protection everything works again.

<context-param>
  <param-name>GEOSERVER_CSRF_DISABLED</param-name>
  <param-value>true</param-value>
</context-param>

So. How to turn it on again, but without it blocking the Web-Server?

Andy








Re: [Geoserver-users] Getting Http 400 bad request in Geoserver-UI

2020-04-21 Thread Vitor Fonseca
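maybe you could also add a filter to tomcat configuration

<filter>
  <filter-name>CorsFilter</filter-name>
  <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
  <init-param>
    <param-name>cors.allowed.origins</param-name>
    <param-value>http://</param-value>
  </init-param>
</filter>
<filter-mapping>
  <filter-name>CorsFilter</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>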

sulu wrote on Tuesday, 21/04/2020 at 10:38:

> Ok.
>
> I added
>
> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
>   "http://java.sun.com/dtd/web-app_2_3.dtd">
> <web-app>
>   <display-name>GeoServer</display-name>
>   <context-param>
>     <param-name>GEOSERVER_CSRF_WHITELIST</param-name>
>     <param-value>10.176.0.178</param-value>
>   </context-param>
>
> to my web.xml
>
> But GS refuses to cooperate: Bad request 400.
>
> 10.176.0.178 - - [21/Apr/2020:11:04:32 +0200] "POST
> /geoserver/web/wicket/bookmarkable/org.geoserver.web.data.workspace.WorkspaceEditPage?6-1.IFormSubmitListener-form=ausprobieren
> HTTP/1.1" *400* 1186


-- 

www.vfonsecaz.pt


Re: [Geoserver-users] Getting Http 400 bad request in Geoserver-UI

2020-04-21 Thread sulu
Ok.

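I added

<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
  "http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
  <display-name>GeoServer</display-name>
  <context-param>
    <param-name>GEOSERVER_CSRF_WHITELIST</param-name>
    <param-value>10.176.0.178</param-value>
  </context-param>

to my web.xml

But GS refuses to cooperate: Bad request 400.

10.176.0.178 - - [21/Apr/2020:11:04:32 +0200] "POST
/geoserver/web/wicket/bookmarkable/org.geoserver.web.data.workspace.WorkspaceEditPage?6-1.IFormSubmitListener-form=ausprobieren
HTTP/1.1" *400* 1186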








 






Re: [Geoserver-users] Getting Http 400 bad request in Geoserver-UI

2020-04-21 Thread sulu
Hi Russ.

Interesting setup.
Load balancing might become an agenda here because of INSPIRE-Harmonization
demands.

But I think for my trouble this is most relevant.

<context-param>
  <param-name>GEOSERVER_CSRF_WHITELIST</param-name>
  <param-value>IP OF MY APACHE/PHYSICAL SERVER</param-value>
</context-param>

I'll put this with the IP of my Apache in web.xml and give it a go.

Thanks to all of you!
I didn't expect such a response


Andy





Re: [Geoserver-users] Getting Http 400 bad request in Geoserver-UI

2020-04-21 Thread Russ Hore
As a learning exercise I also have another physical box running three VMs each 
with Tomcat/Geoserver

Apache on the second physical server has the following in the site.conf file

ProxyRequests Off

ProxyPass /geoserver balancer://gscluster stickysession=JSESSIONID
ProxyPassReverse /geoserver balancer://gscluster stickysession=JSESSIONID

RequestHeader set Authorization "Basic EncryptedUsername:Password"

<Proxy balancer://gscluster>
  BalancerMember http://IP of 1st VM on SECOND physical server:8080/geoserver route=1
  BalancerMember http://IP of 2nd VM on SECOND physical server:8080/geoserver route=2
  BalancerMember http://IP of 3rd VM on SECOND physical server:8080/geoserver route=3
  BalancerMember http://IP of FIRST physical server/geoserver route=4
</Proxy>

  Order allow,deny
  Allow from all
  ProxyPass balancer://gscluster



> On 21 Apr 2020, at 09:30, sulu  wrote:
> 
> Hi Russ
> 
> Yes, Proxy base url is set.
> 
> Do you use something similar to
> ProxyPass /geoserver http://:8900/geoserver
> to redirect Geoserver-Requests from Apache to Tomcat?
> 
> Andy


Re: [Geoserver-users] Getting Http 400 bad request in Geoserver-UI

2020-04-21 Thread Russ Hore
Hi Sulu,

I have a couple of VMs running tomcat/geoserver. Apache runs on the physical 
server and load balances between the two VMs. I know it might not be the best 
set up but it is something for me to learn from.

In each VM's geoserver web.xml I have

<context-param>
  <param-name>GEOSERVER_CSRF_WHITELIST</param-name>
  <param-value>IP OF MY APACHE/PHYSICAL SERVER</param-value>
</context-param>

If I understand it all correctly, as far as each geoserver is concerned, this 
is the IP the requests are coming from

In my sites-enabled/site.conf I have

ProxyRequests Off

ProxyPass /geoserver balancer://gscluster stickysession=JSESSIONID
ProxyPassReverse /geoserver balancer://gscluster stickysession=JSESSIONID
RequestHeader set Authorization "Basic encryptedpassword"

<Proxy balancer://gscluster>
  BalancerMember http://IPADDRESS1:8080/geoserver route=1
  BalancerMember http://IPADDRESS2:8080/geoserver route=2
</Proxy>

  Order allow,deny
  Allow from all
  ProxyPass balancer://gscluster


Russ

> On 21 Apr 2020, at 09:30, sulu  wrote:
> 
> Hi Russ
> 
> Yes, Proxy base url is set.
> 
> Do you use something similar to
> ProxyPass /geoserver http://:8900/geoserver
> to redirect Geoserver-Requests from Apache to Tomcat?
> 
> Andy


Re: [Geoserver-users] Getting Http 400 bad request in Geoserver-UI

2020-04-21 Thread sulu
Hi Russ

Yes, Proxy base url is set.

Do you use something similar to
ProxyPass /geoserver http://:8900/geoserver
to redirect Geoserver-Requests from Apache to Tomcat?

Andy







Re: [Geoserver-users] Getting Http 400 bad request in Geoserver-UI

2020-04-21 Thread sulu
Hi Russ.

Thanks for your suggestion.

Do you mean:
General settings/OGC Services/Service Settings/Proxy URL ?

I have set that to: 
http://[hostname]/geoserver


Andy







Re: [Geoserver-users] Getting Http 400 bad request in Geoserver-UI

2020-04-21 Thread Russ Hore
Have you set the BaseProxy in Geoserver?

I have GS in Tomcat 9 behind Apache and some forms do not work unless you set 
the base proxy.

Russ

> On 21 Apr 2020, at 07:10, sulu  wrote:
> 
> Hmmm.
> 
> I found something in localhost_access_log.
> All Submit-calls have a problem if not called directly from Tomcat.
> Is there a security-setting for submits I am not aware of?
> 
> Example:
> My local IP: 1.1.1.1
> Apache IP: 2.2.2.2
> 
> Geoserver is called from my local IP 1.1.1.1
> 
> Call via Apache leads to Code 400.
> 2.2.2.2 - - [21/Apr/2020:07:58:51 +0200] "POST
> /geoserver/web/wicket/bookmarkable/org.geoserver.web.data.layer.LayerPage?9-1.IBehaviorListener.0-table-filterForm-submit
> HTTP/1.1" 400 1186
> 
> Bypassing Apache leads to Code 200
> 1.1.1.1 - - [21/Apr/2020:07:59:33 +0200] "POST
> /geoserver/web/wicket/bookmarkable/org.geoserver.web.data.layer.LayerPage?9-2.IBehaviorListener.0-table-filterForm-submit
> HTTP/1.1" 200 1629


Re: [Geoserver-users] Getting Http 400 bad request in Geoserver-UI

2020-04-21 Thread sulu
Hmmm.

I found something in localhost_access_log.
All Submit-calls have a problem if not called directly from Tomcat.
Is there a security-setting for submits I am not aware of?

Example:
My local IP: 1.1.1.1
Apache IP: 2.2.2.2

Geoserver is called from my local IP 1.1.1.1

Call via Apache leads to Code 400.
2.2.2.2 - - [21/Apr/2020:07:58:51 +0200] "POST
/geoserver/web/wicket/bookmarkable/org.geoserver.web.data.layer.LayerPage?9-1.IBehaviorListener.0-table-filterForm-submit
HTTP/1.1" 400 1186

Bypassing Apache leads to Code 200
1.1.1.1 - - [21/Apr/2020:07:59:33 +0200] "POST
/geoserver/web/wicket/bookmarkable/org.geoserver.web.data.layer.LayerPage?9-2.IBehaviorListener.0-table-filterForm-submit
HTTP/1.1" 200 1629







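
The access-log comparison described in the thread (UI form POSTs arriving through Apache return 400, the same POSTs sent directly return 200) can be automated over a Tomcat access log. This is an added example, not code from the thread or from GeoServer; the log lines are constructed from the entries quoted above, and the function names and the `/geoserver/web/` prefix filter are assumptions of this sketch.

```python
import re
from collections import defaultdict

# Constructed sample in Tomcat's default access-log pattern, modelled on the
# entries quoted in the thread (2.2.2.2 = Apache proxy, 1.1.1.1 = direct client).
SAMPLE_LOG = """\
2.2.2.2 - - [21/Apr/2020:07:58:51 +0200] "POST /geoserver/web/wicket/bookmarkable/org.geoserver.web.data.layer.LayerPage?9-1.IBehaviorListener.0-table-filterForm-submit HTTP/1.1" 400 1186
1.1.1.1 - - [21/Apr/2020:07:59:33 +0200] "POST /geoserver/web/wicket/bookmarkable/org.geoserver.web.data.layer.LayerPage?9-2.IBehaviorListener.0-table-filterForm-submit HTTP/1.1" 200 1629
2.2.2.2 - - [21/Apr/2020:08:00:02 +0200] "GET /geoserver/web/ HTTP/1.1" 200 5120
2.2.2.2 - - [21/Apr/2020:08:00:10 +0200] "POST /geoserver/web/wicket/bookmarkable/org.geoserver.web.data.workspace.WorkspaceEditPage?6-1.IFormSubmitListener-form HTTP/1.1" 400 1186
this line is not an access-log entry
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)$'
)
UI_PREFIX = "/geoserver/web/"  # assumption: web admin UI path as seen in the thread


def ui_post_stats(log_text):
    """Count web-UI form POSTs per client IP: {ip: {"ok": n, "rejected": n}}."""
    stats = defaultdict(lambda: {"ok": 0, "rejected": 0})
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["method"] != "POST" or not m["path"].startswith(UI_PREFIX):
            continue  # skip unparsable lines, GETs and non-UI requests
        if m["status"] == "400":
            stats[m["ip"]]["rejected"] += 1
        elif m["status"][0] in "23":
            stats[m["ip"]]["ok"] += 1
    return dict(stats)


def suspect_sources(stats):
    """Sources whose UI POSTs are always 400 while some other source succeeds."""
    someone_ok = any(s["ok"] for s in stats.values())
    return sorted(ip for ip, s in stats.items()
                  if someone_ok and s["rejected"] and not s["ok"])


if __name__ == "__main__":
    stats = ui_post_stats(SAMPLE_LOG)
    for ip in suspect_sources(stats):
        print(f"{ip}: {stats[ip]['rejected']} UI POSTs rejected with 400, none accepted")
```

A source that only ever collects 400s on form submits while other clients succeed matches the pattern reported in the thread, which was resolved with GEOSERVER_CSRF_WHITELIST after GEOSERVER_CSRF_DISABLED had been used as a stopgap.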