Hi Guyz,
I’m struggling with the creation of a Authentication Filter - based on the dev documentation I did find and the code I’m browsing for hours now ^^.
Actually, I already asked a rather complete question in the gis.exchange site (here) but I wanted to enter directly in contact with you guyz. Why? see below :-/
It turns out that it looks like a missing feature in the 2.3.0 release (I won’t called it a bug, because it could [should] be a mistake of mine).
Indeed, I’ve successfully created the component to see my filter shown in the Authentication Filter Panel (from the Authentication page of the web admin site) but when I’m trying to either save the default chain or even create a brand new chain using this filter it seems that the securityManager.getSecurityConfig().filterChain.requestChains will remain the same and so won’t change the default mapper nor add my new chain… That’s why I came to here in order to poke the right persons directly.
So, I’m sorry if not relevant.
Here is the chains I can see
- [0] = {org.geoserver.security.HtmlLoginFilterChain@13515}“[/web/, /gwc/rest/web/]:[contextAsc, rememberme, anonymous, guiException, interceptor]”
- [1] = {org.geoserver.security.ConstantFilterChain@13516}“[/j_spring_security_check, /j_spring_security_check/]:[contextAsc, form]”
- [2] = {org.geoserver.security.LogoutFilterChain@13517}“[/j_spring_security_logout, /j_spring_security_logout/]:[contextAsc, formLogout]”
- [3] = {org.geoserver.security.ServiceLoginFilterChain@13518}“[/rest/**]:[contextNoAsc, basic, anonymous, exception, restInterceptor]”
- [4] = {org.geoserver.security.ServiceLoginFilterChain@13519}“[/gwc/rest/**]:[contextNoAsc, basic, exception, restInterceptor]”
- [5] = {org.geoserver.security.ServiceLoginFilterChain@13520}“[/**]:[contextNoAsc, basic, anonymous, exception, interceptor]”
And here is the interface shown in my browser:
So far so good, the chain is present in the list, and I saw adding it that the secMgrConfig field of SecurityFilterChainPage was updated with the new chain… however, the very next request I’ll do will loose the chain… And the web interface to hold it in memory for a while until disappearing again (due to some timeout or something I guess).
It’d probably due to the fact that the configuration wasn’t persisted in the config.xml file and won’t be reloaded on-the-fly (again, just guessing).
Does someone have an idea how to help me further, do I encountered a known limitation already fixed in 2.3.1 or in the master branch, or did I make a mistake or should I come up with a patch (-- help needed if so – ^^) ?
Thanks a lot for your help and work guyz…
Andy/Noootsab
(previously a Ionic Software devops turned into an OSS addict)
–
Andy Petrella
Belgium (Liège)
********
IT Consultant for NextLab sprl (co-founder)
Engaged Citizen Coder for WAJUG (co-founder)
Author of Learning Play! Framework 2
********
Mobile: +32 495 99 11 04
Mails:
-
andy.petrella@gmail.com
Socials: -
Twitter: https://twitter.com/#!/noootsab
-
LinkedIn: http://be.linkedin.com/in/andypetrella
-
Blogger: http://ska-la.blogspot.com/
-
GitHub: https://github.com/andypetrella
-
Masterbranch: https://masterbranch.com/andy.petrella