[Geoserver-users] Authenticate in Geoserver from PHP application

Rodrigo_Antonialli · October 17, 2012, 10:19pm

Hi everyone!

I’m running an old version of Geoserver (GeoServer 2.0-RC1). I’ve set all layers (read and write permissions) to be accessed only by ROLE_ADMINISTRATOR users.

Geoserver side is working fine. When I open geoserver web interface, I can’t see any layers. If proceed with login with admin user, all layers are shown.

My problem is with my PHP/OpenLayers application.

When I try to see my maps, an error saying that the layer doesn’t exists is shown. That’s expected, but now, how can I login from PHP to Geoserver to see my layers?

I’d like to use the same users in PHP login and Geoserver login (I just replicated the users in users.properties).

If I login into geoserver interface, and after in PHP application, I can see the maps. If I logout from geoserver interface, I can’t see it anymore.

I’m trying to post user and password to geoserver login servlet (I think it is a servlet) like that:

function loginGeoserver($username, $password) {

$geoserverURL = “http://mydomain/geoserver/j_acegi_security_check”;

$data = http_build_query(array(
“username” => $username,
“password” => $password
));

$context = stream_context_create(array(“http”=>array(
“method”=>“POST”,
“header”=>“Content-Type: application/x-www-form-urlencoded\r\n” .
"Content-Length: ". strlen($post) . “\r\n”,
“content”=>$data
)));

$page = file_get_contents($geoserverURL, false, $context);

return $page;

}

*mydomain was replaced only here =)

When I echo $page, I see the geoserver login form and a message informing username or password are wrong.

I’ve built a teste.html with a form inside it, at the same place this php function is set. From the HTML form, I can login to geoserver just pointing the method=post and action=http://mydomain/geoserver/j_acegi_security_check

Can someone help me to solve this?? Am I using the wrong way to do it or it is a problem with my PHP script?!

I’d appreciate any help!

Best Regards,

Rodrigo C. Antonialli

Rio Claro - SP - Brasil
LinkedIn: http://www.linkedin.com/in/rcaprofile
Contato: (19) 8136-2347
rcantonialli@anonymised.com
Skype: rc_antonialli

Rodrigo_Antonialli · October 20, 2012, 7:34pm

Hi again!!

I’ve did it! =)

Let me say that I’m using an older version of geoserver: 2.0-RC1. I know that with newer versions this can be simpler, but I cannot update geoserver in this environment.

Here are other info about my environment:

Apache Tomcat 6.0.18
Apache 2.0.63
PHP 5.2.11

For some reason, I forgot to compile this PHP with CURL, so I needed another alternative.

Here is the functions created and working for me:

//Login Geoserver

function loginGeoserver($username, $password) {

$geoserverURL = “http:///geoserver/j_acegi_security_check”;

$post = http_build_query(array(
“username” => $username,
“password” => $password,
));

$context = stream_context_create(array(“http”=>array(
“method” => “POST”,
“header” => “Content-Type: application/x-www-form-urlencoded\r\n” .
"Content-Length: ". strlen($post) . “\r\n”,
“content” => $post,
)));

$page = file_get_contents($geoserverURL, false, $context);

for($i = 0; $i < sizeof($http_response_header); $i++){

$headerLine = $http_response_header[$i];

$pos = strpos($headerLine, ‘Set-Cookie’);

if ($pos === 0) {
$str = explode(“=”,$headerLine);
$value = explode(“;”,$str[1]);
$cookieValue = $value[0];
break;
}

}

$cookieName = “JSESSIONID”;
$cookieDomain = “”;
$cookiePath = “/geoserver”;
$cookieExpiration = 0;

setcookie($cookieName,$cookieValue,$cookieExpiration,$cookiePath);

return $cookieValue;
}

For some reason that I couldn’t find out, the cookie set in this function is not listed in php $_COOKIE var…

So, I had to return $cookieValue and keep it with my sessions vars.

Inside the logout function, I use this value to post to j_acegi_logout:

function logoutGeoserver() {

//Logout do Geoserver
$geoserverURL = “http:///geoserver/j_acegi_logout”;

$context = stream_context_create(array(“http”=>array(
“method” => “POST”,
“header” => “Content-Type: application/x-www-form-urlencoded\r\n” .
“Content-Length: “. strlen($post) . “\r\n”.
“Cookie: JSESSIONID=”.$_SESSION[‘geoserverCookie’].”\r\n”,
)));

$logout = file_get_contents($geoserverURL, false, $context);

}

Just remember to change the if you need to use this..

Well, That’s it… Maybe it can be usefull for someone!

Any suggestions are welcome!

Best Regards,

Rodrigo C. Antonialli

Rio Claro - SP - Brasil
LinkedIn: http://www.linkedin.com/in/rcaprofile
Contato: (19) 8136-2347
rcantonialli@anonymised.com
Skype: rc_antonialli

On Wed, Oct 17, 2012 at 7:19 PM, Rodrigo Antonialli <rcantonialli@anonymised.com> wrote:

Hi everyone!

I’m running an old version of Geoserver (GeoServer 2.0-RC1). I’ve set all layers (read and write permissions) to be accessed only by ROLE_ADMINISTRATOR users.

Geoserver side is working fine. When I open geoserver web interface, I can’t see any layers. If proceed with login with admin user, all layers are shown.

My problem is with my PHP/OpenLayers application.

When I try to see my maps, an error saying that the layer doesn’t exists is shown. That’s expected, but now, how can I login from PHP to Geoserver to see my layers?

I’d like to use the same users in PHP login and Geoserver login (I just replicated the users in users.properties).

If I login into geoserver interface, and after in PHP application, I can see the maps. If I logout from geoserver interface, I can’t see it anymore.

I’m trying to post user and password to geoserver login servlet (I think it is a servlet) like that:

function loginGeoserver($username, $password) {

$geoserverURL = “http://mydomain/geoserver/j_acegi_security_check”;

$data = http_build_query(array(
“username” => $username,
“password” => $password
));

$context = stream_context_create(array(“http”=>array(
“method”=>“POST”,
“header”=>“Content-Type: application/x-www-form-urlencoded\r\n” .
"Content-Length: ". strlen($post) . “\r\n”,
“content”=>$data
)));

$page = file_get_contents($geoserverURL, false, $context);

return $page;

}

*mydomain was replaced only here =)

When I echo $page, I see the geoserver login form and a message informing username or password are wrong.

I’ve built a teste.html with a form inside it, at the same place this php function is set. From the HTML form, I can login to geoserver just pointing the method=post and action=http://mydomain/geoserver/j_acegi_security_check

Can someone help me to solve this?? Am I using the wrong way to do it or it is a problem with my PHP script?!

I’d appreciate any help!

Best Regards,

Rodrigo C. Antonialli

Rio Claro - SP - Brasil
LinkedIn: http://www.linkedin.com/in/rcaprofile
Contato: (19) 8136-2347
rcantonialli@anonymised.com
Skype: rc_antonialli

user48 · October 22, 2012, 6:59am

Oh, that’s great! Thank you for sharing. I can use it in my application

On Sun, Oct 21, 2012 at 3:34 AM, Rodrigo Antonialli <rcantonialli@anonymised.com> wrote:

Hi again!!

I’ve did it! =)

Let me say that I’m using an older version of geoserver: 2.0-RC1. I know that with newer versions this can be simpler, but I cannot update geoserver in this environment.

Here are other info about my environment:

Apache Tomcat 6.0.18
Apache 2.0.63
PHP 5.2.11

For some reason, I forgot to compile this PHP with CURL, so I needed another alternative.

Here is the functions created and working for me:

//Login Geoserver

function loginGeoserver($username, $password) {

$geoserverURL = “http:///geoserver/j_acegi_security_check”;

$post = http_build_query(array(
“username” => $username,
“password” => $password,
));

$context = stream_context_create(array(“http”=>array(
“method” => “POST”,
“header” => “Content-Type: application/x-www-form-urlencoded\r\n” .
"Content-Length: ". strlen($post) . “\r\n”,
“content” => $post,
)));

$page = file_get_contents($geoserverURL, false, $context);

for($i = 0; $i < sizeof($http_response_header); $i++){

$headerLine = $http_response_header[$i];

$pos = strpos($headerLine, ‘Set-Cookie’);

if ($pos === 0) {
$str = explode(“=”,$headerLine);
$value = explode(“;”,$str[1]);
$cookieValue = $value[0];
break;
}

}

$cookieName = “JSESSIONID”;
$cookieDomain = “”;
$cookiePath = “/geoserver”;
$cookieExpiration = 0;

setcookie($cookieName,$cookieValue,$cookieExpiration,$cookiePath);

return $cookieValue;
}

For some reason that I couldn’t find out, the cookie set in this function is not listed in php $_COOKIE var…

So, I had to return $cookieValue and keep it with my sessions vars.

Inside the logout function, I use this value to post to j_acegi_logout:

function logoutGeoserver() {

//Logout do Geoserver
$geoserverURL = “http:///geoserver/j_acegi_logout”;

$context = stream_context_create(array(“http”=>array(
“method” => “POST”,
“header” => “Content-Type: application/x-www-form-urlencoded\r\n” .
“Content-Length: “. strlen($post) . “\r\n”.
“Cookie: JSESSIONID=”.$_SESSION[‘geoserverCookie’].”\r\n”,
)));

$logout = file_get_contents($geoserverURL, false, $context);

}

Just remember to change the if you need to use this…

Well, That’s it… Maybe it can be usefull for someone!

Any suggestions are welcome!

Best Regards,

Rodrigo C. Antonialli

Rio Claro - SP - Brasil
LinkedIn: http://www.linkedin.com/in/rcaprofile
Contato: (19) 8136-2347
rcantonialli@anonymised.com
Skype: rc_antonialli

On Wed, Oct 17, 2012 at 7:19 PM, Rodrigo Antonialli <rcantonialli@anonymised.com> wrote:

Hi everyone!

I’m running an old version of Geoserver (GeoServer 2.0-RC1). I’ve set all layers (read and write permissions) to be accessed only by ROLE_ADMINISTRATOR users.

Geoserver side is working fine. When I open geoserver web interface, I can’t see any layers. If proceed with login with admin user, all layers are shown.

My problem is with my PHP/OpenLayers application.

When I try to see my maps, an error saying that the layer doesn’t exists is shown. That’s expected, but now, how can I login from PHP to Geoserver to see my layers?

I’d like to use the same users in PHP login and Geoserver login (I just replicated the users in users.properties).

If I login into geoserver interface, and after in PHP application, I can see the maps. If I logout from geoserver interface, I can’t see it anymore.

I’m trying to post user and password to geoserver login servlet (I think it is a servlet) like that:

function loginGeoserver($username, $password) {

$geoserverURL = “http://mydomain/geoserver/j_acegi_security_check”;

$data = http_build_query(array(
“username” => $username,
“password” => $password
));

$context = stream_context_create(array(“http”=>array(
“method”=>“POST”,
“header”=>“Content-Type: application/x-www-form-urlencoded\r\n” .
"Content-Length: ". strlen($post) . “\r\n”,
“content”=>$data
)));

$page = file_get_contents($geoserverURL, false, $context);

return $page;

}

*mydomain was replaced only here =)

When I echo $page, I see the geoserver login form and a message informing username or password are wrong.

I’ve built a teste.html with a form inside it, at the same place this php function is set. From the HTML form, I can login to geoserver just pointing the method=post and action=http://mydomain/geoserver/j_acegi_security_check

Can someone help me to solve this?? Am I using the wrong way to do it or it is a problem with my PHP script?!

I’d appreciate any help!

Best Regards,

Rodrigo C. Antonialli

Rio Claro - SP - Brasil
LinkedIn: http://www.linkedin.com/in/rcaprofile
Contato: (19) 8136-2347
rcantonialli@anonymised.com
Skype: rc_antonialli

Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_sfd2d_oct

Geoserver-users mailing list
Geoserver-users@anonymised.comsts.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users