Do you use J2EE authentication ?. In this case, have a look at
http://docs.geoserver.org/stable/en/user/security/tutorials/j2ee/index.html
This tutorials shows how GeoServers works with users authenticated by the J2ee container. In your case, the only nasty thing is that you have to add each role to the geoserver role store.
On Wed, Oct 2, 2013 at 10:39 AM, Chris Morgan <chris@anonymised.com <mailto:chris@anonymised.com>> wrote:
Thanks Christian,
What I am currently have for Geoserver 2.0 is re-using a Tomcat
JDBCRealm
database, which has tables 'users' and 'user_roles'.
I edited geoserver's applicationSecurityContext.xml to
replace the default GeoserverUserDao bean with a JdbcDaoImpl bean.
This meant I could not use the geoserver interface to edit these
users and roles, but that was no big deal.
I don't really fancy writing my own authentication provider for
Geoserver 2.4, so I will have to rethink how to integrate
the display of geoserver services with our internal Tomcat apps,
and investigate
how to pass authentication automatically as part of a request from
a java servlet, rather than let geoserver prompt for
username/password.
Any pointers on this alternative?
Regards,
Chris
On 01/10/2013 09:37, Christian Mueller wrote:
Hi Chris
Not sure how your authentication schema works.
There is a JDBC connection provider
http://docs.geoserver.org/stable/en/user/security/auth/providers.html
authenticating a user using a jdbc connect.
If you have a table with user name + md5 hash, you need to
develop your own authentication provider.
You should hava a look at class
org.geoserver.security.jdbc.JDBCConnectAuthProvider
You can inject your authentication provider by creating your own community module. Unfortunately, until now, there is no documentation in the developers guide. Maybe I can assist.
Cheers
Christian
On Mon, Sep 30, 2013 at 3:28 PM, Chris Morgan
<chris@anonymised.com <mailto:chris@anonymised.com>> wrote:
Hello everyone,
I've been away from the geoserver community for a while,
but I am back now looking to upgrade our working Geoserver
installation.
We have a working geoserver V2.0 installation, which
uses a shared JDBC database containing MD5 password hashes
for authentication - I managed to get geoserver to recognise
this instead of the old plain text users.properties file by
manually
editing applicationSecurityContext.xml to add new
userDetailsService and dataSource beans.
I would now like to use this same user database with the
current version of Geoserver, but I see that the comprehensive
new authentication framework has completely skipped past
MD5 password hashing!
Is there any way to get Geoserver V2.4 to
use a user/group service with simple MD5 password hashes instead
of the PBE or SHA algorithms used by default?
Thanks,
Chris
------------------------------------------------------------
Lynx Information Systems Ltd
93-99 Upper Richmond Rd
London SW15 2TG
United Kingdom
Web: http://www.lynxinfo.co.uk
Email: lynx@anonymised.com <mailto:lynx@anonymised.com>
Tel: +44 (0)20 8780 2634 <tel:%2B44%20%280%2920%208780%202634>
Fax: +44 (0)20 8780 0931 <tel:%2B44%20%280%2920%208780%200931>
Registered in England Number 2454130
VAT Number GB 561 8979 88
Incoming and outgoing emails are checked for viruses
by Sophos AntiVirus.
This email may contain confidential information which is
intended for the named recipient(s) only. If you are
not the named recipient you should not take any action in
relation to this email, other than to notify us that you
have received it in error.
------------------------------------------------------------
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application
performance.
Explore tips for MPI, OpenMP, advanced profiling, and more.
Get the most from
the latest Intel processors and coprocessors. See abstracts
and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk
_______________________________________________
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
<mailto:Geoserver-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/geoserver-users
-- DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH
------------------------------------------------------------
Lynx Information Systems Ltd
93-99 Upper Richmond Rd
London SW15 2TG
United Kingdom
Web:http://www.lynxinfo.co.uk
Email:lynx@anonymised.com <mailto:lynx@anonymised.com>
Tel:+44 (0)20 8780 2634 <tel:%2B44%20%280%2920%208780%202634>
Fax:+44 (0)20 8780 0931 <tel:%2B44%20%280%2920%208780%200931>
Registered in England Number 2454130
VAT Number GB 561 8979 88
Incoming and outgoing emails are checked for viruses
by Sophos AntiVirus.
This email may contain confidential information which is
intended for the named recipient(s) only. If you are
not the named recipient you should not take any action in
relation to this email, other than to notify us that you
have received it in error.
------------------------------------------------------------
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get
the most from
the latest Intel processors and coprocessors. See abstracts and
register >
http://pubads.g.doubleclick.net/gampad/clk?id=60134791&iu=/4140/ostg.clktrk
_______________________________________________
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
<mailto:Geoserver-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/geoserver-users
--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH