[Geoserver-users] geoserver user details issue

GeoServer GeoServer User
1

ir I have installed geoserver 2.2 and created some user account on it
I have installed geoserver 2.2 and included service accees rule for wms.* as
"ROLE_AUTHENTICATED".so whenever anyone try to access the wms service one
authentication window apperared which tells "authentication Required"(A
username and password are being requested by http://localhost:8080. The site
says: "GeoServer Realm").after providing username and password user is able
to access the resources.

my question is that if i want to know the which user is accessing which
service.basically I want to know user name of the user who is accessing the
service.for that if anyone provide me the solution then I will be very
thankful to him.

thanks and regards
soni
xs.soni@anonymised.com

--
View this message in context: http://osgeo-org.1560.x6.nabble.com/geoserver-user-details-issue-tp5087093.html
Sent from the GeoServer - User mailing list archive at Nabble.com.

2

On Sat, Nov 2, 2013 at 5:20 PM, soni <xs.soni@anonymised.com> wrote:

ir I have installed geoserver 2.2 and created some user account on it
I have installed geoserver 2.2 and included service accees rule for wms.*
as
"ROLE_AUTHENTICATED".so whenever anyone try to access the wms service one
authentication window apperared which tells "authentication Required"(A
username and password are being requested by http://localhost:8080. The
site
says: "GeoServer Realm").after providing username and password user is able
to access the resources.

my question is that if i want to know the which user is accessing which
service.basically I want to know user name of the user who is accessing the
service.for that if anyone provide me the solution then I will be very
thankful to him.

Have a look at the monitoring extension, it should provide that information
in the request logs.

Cheers
Andrea

--

Our support, Your Success! Visit http://opensdi.geo-solutions.it for more
information.

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

-------------------------------------------------------

3

Dear Sir,
           I have also tried with monitoring extension.all information is
coming like remote IP,host IP,service which by client,resources used by
client,start time,end time etc... except user name.I have followed the
following url.
http://docs.geoserver.org/stable/en/user/extensions/monitoring/installation.html.

as per the documentation I have used code for content.ftl file which is
given below.

<#escape x as x?xml>
<Request id="${id!""}">
   <Service>${service!""}</Service>
   <Version>${owsVersion!""}</Version>
   <Operation>${operation!""}</Operation>
   <SubOperation>${subOperation!""}</SubOperation>
   <Resources>${resourcesList!""}</Resources>
   <Path>${path!""}</Path>
   <QueryString>${queryString!""}</QueryString>
   <#if bodyAsString??>
   <Body>
   ${bodyAsString}
   </Body>
   </#if>
   <HttpMethod>${httpMethod!""}</HttpMethod>
   <StartTime>${startTime?datetime?iso_utc_ms}</StartTime>
   <EndTime>${endTime?datetime?iso_utc_ms}</EndTime>
   <TotalTime>${totalTime}</TotalTime>
   <RemoteAddr>${remoteAddr!""}</RemoteAddr>
   <RemoteHost>${remoteHost!""}</RemoteHost>
   <Host>${host}</Host>
   <RemoteUser>${remoteUser!""}</RemoteUser>
   <ResponseStatus>${responseStatus!""}</ResponseStatus>
   <ResponseLength>${responseLength?c}</ResponseLength>
   <ResponseContentType>${responseContentType!""}</ResponseContentType>
   <#if error??>
   <Failed>true</Failed>
   <ErrorMessage>${errorMessage!""}</ErrorMessage>
   <#else>
   <Failed>false</Failed>
   </#if>
</Request>
</#escape>
footer.ftl is executed just once when the log file is closed to build the
last few lines of the file. The default footer template is:

</Requests>

Dear sir,I have given role authenticated to the WMS service then it is
asking for authentication but still my requirement is not full fill since
username which is using my service is not coming in the log file
please guide me.
Thanks in advance

--
View this message in context: http://osgeo-org.1560.x6.nabble.com/geoserver-user-details-issue-tp5087093p5087380.html
Sent from the GeoServer - User mailing list archive at Nabble.com.

4

On Tue, Nov 5, 2013 at 3:33 AM, soni <xs.soni@anonymised.com> wrote:

Dear Sir,
           I have also tried with monitoring extension.all information is
coming like remote IP,host IP,service which by client,resources used by
client,start time,end time etc... except user name.I have followed the
following url.

http://docs.geoserver.org/stable/en/user/extensions/monitoring/installation.html
.

as per the documentation I have used code for content.ftl file which is
given below.

The user should be in the RemoteUser tag. I have no idea why it's not coming
out for you.

The code injecting the user for logging is in the MonitorFilter class,
looks as follows:

if (SecurityContextHolder.getContext() != null
                && SecurityContextHolder.getContext().getAuthentication()
!= null) {
            Authentication auth =
SecurityContextHolder.getContext().getAuthentication();
            if (auth.getPrincipal() != null && auth.getPrincipal()
instanceof User) {

data.setRemoteUser(((User)auth.getPrincipal()).getUsername());
            }
        }

Christian (cc'ed), any idea why an authenticated request might end up not
having
its user set in the request data (the "data" variable above)?

Soni, are you using HTTP basic authentication (the default) or some other
type
of authentication mechanism?

Cheers
Andrea

--

Our support, Your Success! Visit http://opensdi.geo-solutions.it for more
information.

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

-------------------------------------------------------

5

Dear Sir,
       I am using Basic username/password authentication(default)
authentication mechanism which is listed in *Authentication Providers*
heading.
Please let me know if i am doing any mistake from my side.

Thanks and Regards
soni

--
View this message in context: http://osgeo-org.1560.x6.nabble.com/geoserver-user-details-issue-tp5087093p5088091.html
Sent from the GeoServer - User mailing list archive at Nabble.com.

6

Hi

Different authentication mechanisms produce different kind of authentication objects. It is not guaranteed that auth.getPrincipal() is a user object. The Spring Security Authentication interface declares

Object getPrincipal();

Maybe the the following change would help to improve the situation

if (auth.getPrincipal() != null ) {
if (auth.getPrincipal() instanceof User) ){
data.setRemoteUser(((User)auth.getPrincipal()).getUsername());
} else {

data.setRemoteUser(auth.getPrincipal().toString);
}
}

Cheers
Christian

···

On Thu, Nov 7, 2013 at 12:11 PM, Andrea Aime <andrea.aime@anonymised.com> wrote:

On Tue, Nov 5, 2013 at 3:33 AM, soni <xs.soni@anonymised.com> wrote:

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

Dear Sir,
I have also tried with monitoring extension.all information is
coming like remote IP,host IP,service which by client,resources used by
client,start time,end time etc… except user name.I have followed the
following url.
http://docs.geoserver.org/stable/en/user/extensions/monitoring/installation.html.

as per the documentation I have used code for content.ftl file which is
given below.

The user should be in the RemoteUser tag. I have no idea why it’s not coming
out for you.

The code injecting the user for logging is in the MonitorFilter class, looks as follows:

if (SecurityContextHolder.getContext() != null
&& SecurityContextHolder.getContext().getAuthentication() != null) {
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth.getPrincipal() != null && auth.getPrincipal() instanceof User) {
data.setRemoteUser(((User)auth.getPrincipal()).getUsername());
}
}

Christian (cc’ed), any idea why an authenticated request might end up not having
its user set in the request data (the “data” variable above)?

Soni, are you using HTTP basic authentication (the default) or some other type
of authentication mechanism?

Cheers
Andrea

==
Our support, Your Success! Visit http://opensdi.geo-solutions.it for more information.

Ing. Andrea Aime

@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

7

For basic auth, the principal seems to be a String.

@Andrea, what do you think about code proposal ?

Cheers

···

On Fri, Nov 8, 2013 at 2:31 AM, soni <xs.soni@anonymised.com> wrote:

Dear Sir,
I am using Basic username/password authentication(default)
authentication mechanism which is listed in Authentication Providers
heading.
Please let me know if i am doing any mistake from my side.

Thanks and Regards
soni


View this message in context: http://osgeo-org.1560.x6.nabble.com/geoserver-user-details-issue-tp5087093p5088091.html

Sent from the GeoServer - User mailing list archive at Nabble.com.

November Webinars for C, C++, Fortran Developers
Accelerate application performance with scalable programming models. Explore
techniques for threading, error checking, porting, and tuning. Get the most
from the latest Intel processors and coprocessors. See abstracts and register
http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk

Geoserver-users mailing list
Geoserver-users@anonymised.comsts.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH

8

My problem is still not solved ...will u please any one tell me the other
solutions..

Thanks

--
View this message in context: http://osgeo-org.1560.x6.nabble.com/geoserver-user-details-issue-tp5087093p5088590.html
Sent from the GeoServer - User mailing list archive at Nabble.com.

9

On Fri, Nov 8, 2013 at 4:31 PM, Christian Mueller <
christian.mueller@anonymised.com> wrote:

For basic auth, the principal seems to be a String.

@Andrea, what do you think about code proposal ?

I did open a ticket for it, to avoid losing the idea, and Justin agreed:
https://jira.codehaus.org/browse/GEOS-6144

First one that has a chance/need can do the commit I guess?

Cheers
Andrea

--

Our support, Your Success! Visit http://opensdi.geo-solutions.it for more
information.

Ing. Andrea Aime
@geowolf
Technical Lead

GeoSolutions S.A.S.
Via Poggio alle Viti 1187
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 339 8844549

http://www.geo-solutions.it
http://twitter.com/geosolutions_it

-------------------------------------------------------

10

waiting for reply....

--
View this message in context: http://osgeo-org.1560.x6.nabble.com/geoserver-user-details-issue-tp5087093p5092208.html
Sent from the GeoServer - User mailing list archive at Nabble.com.