Re: [Geoserver-users] Securing with digest

[bmearns]

This problem is still seen on Geoserver 2.12.1 and 2.13-SNAPSHOT (12/18/17). 
It seems to apply to all digest authentication requests.  I have only tested
with the bundled Jetty.  Using basic authentication with the same requests
works as expected.



--
Sent from: http://osgeo-org.1560.x6.nabble.com/GeoServer-User-f3786390.html

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this 
list:
- Earning your support instead of buying it, but Ian Turton: 
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines: 
http://geoserver.org/comm/userlist-guidelines.html

If you want to request a feature or an improvement, also see this: 
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer


Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

Re: [Geoserver-users] Securing with digest

[Andrea Aime]

On Wed, Feb 3, 2016 at 5:22 PM, Christian Mueller <
christian.muel...@os-solutions.at> wrote:

> Hi
>
> Unfortunately, digest auth does not work in some situations, don't know
> why.  Can you open an issue in the issue tracker.
>

Hi Christian,
I am wondering if there might be user error there. Like, I would expect
digest to have to be put
in the OGC filter chain in exactly the same position as the basic one, in
any other position
it might not work correctly, right?

Cheers
Andrea

-- 
==
GeoServer Professional Services from the experts! Visit
http://goo.gl/it488V for more information.
==

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054  Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39  339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

*AVVERTENZE AI SENSI DEL D.Lgs. 196/2003*

Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il
loro utilizzo è consentito esclusivamente al destinatario del messaggio,
per le finalità indicate nel messaggio stesso. Qualora riceviate questo
messaggio senza esserne il destinatario, Vi preghiamo cortesemente di
darcene notizia via e-mail e di procedere alla distruzione del messaggio
stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso,
divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od
utilizzarlo per finalità diverse, costituisce comportamento contrario ai
principi dettati dal D.Lgs. 196/2003.



The information in this message and/or attachments, is intended solely for
the attention and use of the named addressee(s) and may be confidential or
proprietary in nature or covered by the provisions of privacy act
(Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection
Code).Any use not in accord with its purpose, any disclosure, reproduction,
copying, distribution, or either dissemination, either whole or partial, is
strictly forbidden except previous formal approval of the named
addressee(s). If you are not the intended recipient, please contact
immediately the sender by telephone, fax or e-mail and delete the
information in this message that has been received in error. The sender
does not give any warranty or accept liability as the content, accuracy or
completeness of sent messages and accepts no responsibility  for changes
made after they were sent or for other risks which arise as a result of
e-mail transmission, viruses, etc.

---
--
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311=/4140___
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

Re: [Geoserver-users] Securing with digest

[Petteri Packalen]

> @Andrea.
> Replacing the basic auth  filter with the digist auth filter is the most
> common use case but it you can use this filter on any chain.

Yes, this was exactly what I did.

> @Petteri
> It is not Jetty specific.

Yep, I noticed. Switching to Tomcat7 did not solve the problem.

Cheers,
Petteri

On Wed, Feb 3, 2016 at 6:51 PM, Petteri Packalen 
> wrote:
Hi,

Is the problem Jetty specific? I can give a try with Apache.

I will open an issue.

Cheers,
Petteri

On 3.2.2016, at 18.22, Christian Mueller 
> 
wrote:
Hi

Unfortunately, digest auth does not work in some situations, don't know why.  
Can you open an issue in the issue tracker.

Cheers
Christian

On Tue, Feb 2, 2016 at 2:42 PM, Petteri Packalen 
> wrote:
Hi,

I cannot get digest authentication to work in GeoServer 2.8.1. Without digest 
it works properly. GeoServer is bundled with Jetty and I run them under Linux. 
Because it did not work with my own data I went back to basics and tried the 
tutorial:

  http://docs.geoserver.org/stable/en/user/security/tutorials/digest/index.html

It didn't work either. However, the dialog in step 9 is different than mine 
although the tutorial version should be correct. Also default roles are 
different (ADMIN vs. ROLE_ADMINISTRATOR). Can anyone give me simple 
instructions how to activate digest in GeoServer 2.8.1?

--
Best regards,
Petteri Packalen

--
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311=/4140
___
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users



--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH




--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

--
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151=/4140___
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

Re: [Geoserver-users] Securing with digest

[Petteri Packalen]

Hi,

Is the problem Jetty specific? I can give a try with Apache.

I will open an issue.

Cheers,
Petteri

On 3.2.2016, at 18.22, Christian Mueller 
> 
wrote:

Hi

Unfortunately, digest auth does not work in some situations, don't know why.  
Can you open an issue in the issue tracker.

Cheers
Christian

On Tue, Feb 2, 2016 at 2:42 PM, Petteri Packalen 
> wrote:
Hi,

I cannot get digest authentication to work in GeoServer 2.8.1. Without digest 
it works properly. GeoServer is bundled with Jetty and I run them under Linux. 
Because it did not work with my own data I went back to basics and tried the 
tutorial:

  http://docs.geoserver.org/stable/en/user/security/tutorials/digest/index.html

It didn't work either. However, the dialog in step 9 is different than mine 
although the tutorial version should be correct. Also default roles are 
different (ADMIN vs. ROLE_ADMINISTRATOR). Can anyone give me simple 
instructions how to activate digest in GeoServer 2.8.1?

--
Best regards,
Petteri Packalen

--
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311=/4140
___
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users



--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

--
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311=/4140___
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

Re: [Geoserver-users] Securing with digest

[Christian Mueller]

Hi

Unfortunately, digest auth does not work in some situations, don't know
why.  Can you open an issue in the issue tracker.

Cheers
Christian

On Tue, Feb 2, 2016 at 2:42 PM, Petteri Packalen 
wrote:

> Hi,
>
> I cannot get digest authentication to work in GeoServer 2.8.1. Without
> digest it works properly. GeoServer is bundled with Jetty and I run them
> under Linux. Because it did not work with my own data I went back to basics
> and tried the tutorial:
>
>
> http://docs.geoserver.org/stable/en/user/security/tutorials/digest/index.html
>
> It didn't work either. However, the dialog in step 9 is different than
> mine although the tutorial version should be correct. Also default roles
> are different (ADMIN vs. ROLE_ADMINISTRATOR). Can anyone give me simple
> instructions how to activate digest in GeoServer 2.8.1?
>
> --
> Best regards,
> Petteri Packalen
>
>
> --
> Site24x7 APM Insight: Get Deep Visibility into Application Performance
> APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
> Monitor end-to-end web transactions and take corrective actions now
> Troubleshoot faster and improve end-user experience. Signup Now!
> http://pubads.g.doubleclick.net/gampad/clk?id=267308311=/4140
> ___
> Geoserver-users mailing list
> Geoserver-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/geoserver-users
>



-- 
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH
--
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311=/4140___
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

[Geoserver-users] Securing with digest

[Petteri Packalen]

Hi,
 
I cannot get digest authentication to work in GeoServer 2.8.1. Without digest 
it works properly. GeoServer is bundled with Jetty and I run them under Linux. 
Because it did not work with my own data I went back to basics and tried the 
tutorial:
 
  http://docs.geoserver.org/stable/en/user/security/tutorials/digest/index.html
 
It didn't work either. However, the dialog in step 9 is different than mine 
although the tutorial version should be correct. Also default roles are 
different (ADMIN vs. ROLE_ADMINISTRATOR). Can anyone give me simple 
instructions how to activate digest in GeoServer 2.8.1?
 
--
Best regards,
Petteri Packalen

--
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311=/4140
___
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users