Hello,

We have implemented the Geoserver on our environment and I have to focus on
user management.
When I read your document, there is a line said "Anonymous access can be
disabled by clearing the Allow anonymous authentication check box." but I
cannot found that check box.
Can you guide me how to disable Anonymous to access the web tool?

Thank you.

On our web tool screen,

(Embedded image moved to file: pic15385.gif)

On your document,
http://docs.geoserver.org/2.3.2/user/webadmin/security/auth.html

(Embedded image moved to file: pic17283.gif)

Best Regards,
Kunaporn Srimanotham
--------------------------------------------------------------
Kunaporn Srimanotham
IBM Thailand - Global Business Services
Email: kunaporn@anonymised.com
Tel (IBM): (66)2 298-3778
Tel (Mobile): (66)8 1743-8321

Hi,

I don’t know where that checkbox is (maybe an error in documentation), but to disable the anonymous access to GeoServer you have to :

• open all the filter chain rows (click on the link in the column name) and remove all anonymous filters from the selected column to the available one( select it and click on the arrow to move it on the left).
• select the anonymous checkbox in the authentication filters
• click on remove selected button and confirm.
• Save at the page bottom. (If you forget to remove some elements from filter chain, you will see an error like “unknown authentication filter in filter chain rest”)

This will show the basic authentication prompt each time you try to connect to GeoServer as anonymous user.

If you want to re-enable it you have to click on Add new under authentication filter, select Anonymous from the list, name it anonymous and save.

Lorenzo.

Hi Lorenzo,

I have configured as your suggested but it seem like anonymous can still
access the web tool.

This is the configuration picture. I have removed the Anonymous on all
filter chains and authentication filters.

(Embedded image moved to file: pic30776.gif)

When I access the web tool with out authentication, I can still access web
tool.

(Embedded image moved to file: pic09377.gif)

Can you suggest how to disable anonymous?
Thank you.

Best Regards,
Kunaporn Srimanotham
--------------------------------------------------------------
Kunaporn Srimanotham
IBM Thailand - Global Business Services
Email: kunaporn@anonymised.com
Tel (IBM): (66)2 298-3778
Tel (Mobile): (66)8 1743-8321

From: Lorenzo Natali <lorenzo.natali@anonymised.com>
To: Kunaporn Srimanotham/Thailand/IBM@anonymised.com,
Cc: geoserver-users <geoserver-users@lists.sourceforge.net>
Date: 08/08/2014 12:29 AM
Subject: Re: [Geoserver-users] Disable Anonymous User to Access
            Geoserver on version 2.3.2
Sent by: offtherailz@anonymised.com

Hi,
I don't know where that checkbox is (maybe an error in documentation), but
to disable the anonymous access to GeoServer you have to :
* open all the filter chain rows (click on the link in the column name) and
remove all anonymous filters from the selected column to the available one
( select it and click on the arrow to move it on the left).
* select the anonymous checkbox in the authentication filters
* click on remove selected button and confirm.
* Save at the page bottom. (If you forget to remove some elements from
filter chain, you will see an error like "unknown authentication filter in
filter chain rest")

This will show the basic authentication prompt each time you try to connect
to GeoServer as anonymous user.

If you want to re-enable it you have to click on Add new under
authentication filter, select Anonymous from the list, name it anonymous
and save.

Lorenzo.

2014-08-07 12:39 GMT+02:00 Kunaporn Srimanotham <kunaporn@anonymised.com>:

  Hello,

  We have implemented the Geoserver on our environment and I have to focus
  on
  user management.
  When I read your document, there is a line said "Anonymous access can be
  disabled by clearing the Allow anonymous authentication check box." but I
  cannot found that check box.
  Can you guide me how to disable Anonymous to access the web tool?

  Thank you.

  On our web tool screen,

  (Embedded image moved to file: pic15385.gif)

  On your document,
  http://docs.geoserver.org/2.3.2/user/webadmin/security/auth.html

  (Embedded image moved to file: pic17283.gif)

  Best Regards,
  Kunaporn Srimanotham
  --------------------------------------------------------------
  Kunaporn Srimanotham
  IBM Thailand - Global Business Services
  Email: kunaporn@anonymised.com
  Tel (IBM): (66)2 298-3778
  Tel (Mobile): (66)8 1743-8321
  ------------------------------------------------------------------------------

  Infragistics Professional
  Build stunning WinForms apps today!
  Reboot your WinForms applications with our WinForms controls.
  Build a bridge from your legacy apps to the future.
  http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk

  _______________________________________________
  Geoserver-users mailing list
  Geoserver-users@lists.sourceforge.net
  https://lists.sourceforge.net/lists/listinfo/geoserver-users

--

GeoServer Professional Services from the experts! Visit
http://goo.gl/NWWaa2 for more information.

Regards,
Lorenzo Natali

==

Dott. Ing. Lorenzo Natali
@lorenzonatali
Software Engineer

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 333 8128928

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

-------------------------------------------------------

Hi,
did you clicked on “Save” button at the end of the page, and empty the browser cache and retried?
Sorry but I tried and it worked for me.

I understood you don’t want to disable the anonymous access at all, but only for the web view.
In this case you should add the anonymous entry to the authentication filters and remove "anonymous only from the “web” entry in the filter chain.

That’s what I see if I do it and try to access as anonymous user (I can not access to the layer preview without authentication).

.Is it what you want?

Hi,

Thank you for your suggestion

Yes, I saved after change configuration and you are correct that I just
don't want anonymous user can access web.
I changed as your suggestion but the anonymous user can still access web as
picture below.

(Embedded image moved to file: pic10872.gif)

On setting, I have added anonymous in authentication filters

(Embedded image moved to file: pic06923.gif)

and do not select anonymous and web "filter chain"

(Embedded image moved to file: pic03738.gif)

Please help to solve this issue.
Thank you.

Best Regards,
Kunaporn Srimanotham
--------------------------------------------------------------
Kunaporn Srimanotham
IBM Thailand - Global Business Services
Email: kunaporn@anonymised.com
Tel (IBM): (66)2 298-3778
Tel (Mobile): (66)8 1743-8321

From: Lorenzo Natali <lorenzo.natali@anonymised.com>
To: Kunaporn Srimanotham/Thailand/IBM@anonymised.com,
Cc: geoserver-users <geoserver-users@lists.sourceforge.net>
Date: 08/08/2014 04:26 PM
Subject: Re: [Geoserver-users] Disable Anonymous User to Access
            Geoserver on version 2.3.2
Sent by: offtherailz@anonymised.com

Hi,
did you clicked on "Save" button at the end of the page, and empty the
browser cache and retried?
Sorry but I tried and it worked for me.

I understood you don't want to disable the anonymous access at all, but
only for the web view.
In this case you should add the anonymous entry to the authentication
filters and remove "anonymous only from the "web" entry in the filter
chain.
That's what I see if I do it and try to access as anonymous user (I can not
access to the layer preview without authentication).

Immagine in linea 1
.Is it what you want?

To be sure, try to remove the remeberme filter

Cheers
Christian