[Geoserver-devel] Authentication in geoserver with openlayers

Hello everyone

Is there a way to authenticate in geoserver with an external webpage (made
with asp.net and openlayers)? I have restricted the access to layers only by
certain users, and I don't want to authenticate this way for security
reasons:

username:password@anonymised.com

(this is because the username and password are visible in the webpage code)

Thanks in advance

--
View this message in context: http://osgeo-org.1560.n6.nabble.com/Authentication-in-geoserver-with-openlayers-tp4979339.html
Sent from the GeoServer - Dev mailing list archive at Nabble.com.

It would be sufficient that you force the basic auth and then be sure to pass the header into the request.

That should be sufficient if I correctly understood your use case.

Regards,
Alessio.


Ing. Alessio Fabiani
Founder / CTO GeoSolutions S.A.S.

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy

phone: (+39) 0584 96.23.13
fax: (+39) 0584 96.23.13
mobile:(+39) 331 62.33.686

http://www.geo-solutions.it
http://geo-solutions.blogspot.com
http://www.linkedin.com/in/alessiofabiani
https://twitter.com/alfa7961
http://twitter.com/geosolutions_it

On Tue, Jun 5, 2012 at 11:38 PM, loref85 <lorenafigueredo@anonymised.com> wrote:

Hello everyone

Is there a way to authenticate in geoserver with an external webpage (made
with asp.net and openlayers)? I have restricted the access to layers only by
certain users, and I don’t want to authenticate this way for security
reasons:

username:password@anonymised.com…

(this is because the username and password are visible in the webpage code)

Thanks in advance



Thanks for the reply

Can you provide me some sample code to understand what I have to do? As you
can notice I'm pretty new in this subject

This is my javascript code (I don't want to proceed like this because my
username and password are visible)

// Credentials embedded in the layer URL (visible in the page source)
var ciudades = new OpenLayers.Layer.WMS("Ciudades",
    "http://myusername:mypassword@anonymised.com:1979/geoserver/wms", {
        layers: "pydptos:PY_CIUDADES"
    }, {
        buffer: 0,
        visibility: true,
        displayInLayerSwitcher: false
    }
);

This is my geoserver data security configuration, as you can see only the
administrator role is allowed to read and write

http://osgeo-org.1560.n6.nabble.com/file/n4979540/330ff6e.png

Thanks and regards

--
View this message in context: http://osgeo-org.1560.n6.nabble.com/Authentication-in-geoserver-with-openlayers-tp4979339p4979540.html
Sent from the GeoServer - Dev mailing list archive at Nabble.com.

Mmm … if you would like to follow this approach you will need a proxy beyond the WMS server.

My suggestion was to present a form to the user before accessing OpenLayers and ask him to perform the Basic Authentication.

Notice that the basic authentication can also be done by an http server using auth modules like mod_ldap or mod_cas or something else.

Regards,
Alessio.



On Wed, Jun 6, 2012 at 5:13 PM, loref85 <lorenafigueredo@anonymised.com> wrote:

Thanks for the reply

Can you provide me some sample code to understand what I have to do? As you
can notice I’m pretty new in this subject

This is my javascript code (I don’t want to proceed like this because my
username and password are visible)

// Credentials embedded in the layer URL (visible in the page source)
var ciudades = new OpenLayers.Layer.WMS("Ciudades",
    "http://myusername:mypassword@anonymised.com:1979/geoserver/wms", {
        layers: "pydptos:PY_CIUDADES"
    }, {
        buffer: 0,
        visibility: true,
        displayInLayerSwitcher: false
    }
);

This is my geoserver data security configuration, as you can see only the
administrator role is allowed to read and write

http://osgeo-org.1560.n6.nabble.com/file/n4979540/330ff6e.png

Thanks and regards



I understand, so there's no way to use the "openlayers only" api to perform the
authentication, I need an external approach

Another way to resolve the authentication could be using a java servlet or
something I think

Thanks for your help, I'll post any doubt here :)

Regards

--
View this message in context: http://osgeo-org.1560.n6.nabble.com/Authentication-in-geoserver-with-openlayers-tp4979339p4979549.html
Sent from the GeoServer - Dev mailing list archive at Nabble.com.

Hello again

I don't know if this is a dumb question, but how can I "combine" the asp.net
authentication with openlayers?

I created a Login page to authenticate in openlayers (in c#, server side),
this is my code

// Requires: using System; using System.IO; using System.Net;
// Build the GeoServer WMS URL with the login form's credentials in the user-info part.
Uri uri = new Uri("http://" + username + ":" + password + "@localhost:1979/geoserver/wms");
if (uri.Scheme == Uri.UriSchemeHttp)
{
    HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(uri);
    request.Method = WebRequestMethods.Http.Post;

    // Read the whole response body and write it back to the ASP.NET page.
    HttpWebResponse response = (HttpWebResponse)request.GetResponse();
    StreamReader reader = new StreamReader(response.GetResponseStream());
    string tmp = reader.ReadToEnd();
    response.Close();
    Response.Write(tmp);
}

I don't know if this is the right approach to resolve my problem, anyway if
I reach my goal (authenticate with username and password in geoserver), how
can I combine this authentication with openlayers, which is in user side
(javascript)?

Thanks in advance

--
View this message in context: http://osgeo-org.1560.n6.nabble.com/Authentication-in-geoserver-with-openlayers-tp4979339p4979977.html
Sent from the GeoServer - Dev mailing list archive at Nabble.com.
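
Added example, not part of the thread and not GeoServer or OpenLayers code: a sketch of the proxy approach mentioned earlier in the thread, where the server side holds the GeoServer credentials and attaches the Basic Authorization header itself, so the OpenLayers page only ever sees a proxy URL. The function name, the config fields, the `/wmsproxy` path and the sample credentials are assumptions; the layer name and port are taken from the posts.

```javascript
// WMS parameters the proxy is willing to forward; anything else is dropped.
const ALLOWED_PARAMS = new Set(["service", "version", "request", "layers",
  "styles", "srs", "crs", "bbox", "width", "height", "format", "transparent"]);

// Constructed sample config. In a real deployment the user and password would
// come from server-side configuration, never from the page or the query string.
const CONSTRUCTED_CFG = {
  geoserverWms: "http://localhost:1979/geoserver/wms",
  allowedLayers: ["pydptos:PY_CIUDADES"],
  user: "wms_reader",        // hypothetical GeoServer account
  password: "example-only"   // constructed value
};

// Turns a browser request to the proxy into the request sent to GeoServer.
// session: the web application's own login state (hypothetical shape).
// clientQuery: raw query string sent by OpenLayers to the proxy.
function buildUpstreamRequest(session, clientQuery, cfg) {
  // The user must already be logged in to the web application.
  if (!session || !session.authenticated) return { status: 401 };

  // WMS parameter names are case-insensitive; normalise and filter them.
  const params = new URLSearchParams();
  for (const [key, value] of new URLSearchParams(clientQuery)) {
    const name = key.toLowerCase();
    if (ALLOWED_PARAMS.has(name)) params.set(name, value);
  }
  if ((params.get("service") || "").toUpperCase() !== "WMS" ||
      (params.get("request") || "").toLowerCase() !== "getmap") {
    return { status: 400 };
  }

  // Only layers this page is meant to expose may be requested.
  const layers = (params.get("layers") || "").split(",").filter(Boolean);
  if (layers.length === 0 ||
      !layers.every((l) => cfg.allowedLayers.includes(l))) {
    return { status: 403 };
  }

  // Credentials go in the Authorization header, added on the server only.
  const token = Buffer.from(cfg.user + ":" + cfg.password, "utf8")
    .toString("base64");
  return {
    status: 200,
    url: cfg.geoserverWms + "?" + params.toString(),
    headers: { Authorization: "Basic " + token }
  };
}

// Browser side, the layer then points at the proxy (hypothetical path):
//   new OpenLayers.Layer.WMS("Ciudades", "/wmsproxy",
//       { layers: "pydptos:PY_CIUDADES" });
```
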