[Geoserver-users] Logging in to GeoServer using XMLHttpRequest in Javascript

GeoServer GeoServer User
1

Dear List,

I needed a way to log into GeoServer from my own web page using JavaScript and this seems to work:

var oReq = new XMLHttpRequest();
var UID = document.getElementById(“userName”).value;
var PWD = document.getElementById(“password”).value;
var params = “username=” + UID + “&password=” + PWD;
try {
oReq.open(“POST”, “/geoserver/j_acegi_security_check”, false);
oReq.setRequestHeader(“Content-type”, “application/x-www-form-urlencoded”);
oReq.setRequestHeader(“Content-length”, params.length);
oReq.send(params);
}
catch (ee) {
alert(“Could not log into GeoServer with this UserID and Password.”);
return;
}
//Check to see if GeoServer rejected by looking for a certain string - not too elegant…
if (oReq.responseText.toString().indexOf(“Invalid username/password combination.”) > 0) {
alert(“Could not log into GeoServer with this UserID and Password.”);
return;
}
However, is there a better way than checking for “Invalid username/password combination.” in the responsetext? (like a rest call?)

Roger

2

The only other way I can think of is to POST or PUT something to http://localhost:8080/geoserver/rest, setting the basic auth parameters for the username and password.

If the username/password are incorrect you will get a 401 back. However if the username/password are good you will get a 405 back.

-Justin

Roger Bedell wrote:

Dear List,
I needed a way to log into GeoServer from my own web page using JavaScript and this seems to work:
             var oReq = new XMLHttpRequest();
            var UID = document.getElementById("userName").value;
            var PWD = document.getElementById("password").value;
            var params = "username=" + UID + "&password=" + PWD;
            try {
                oReq.open("POST", "/geoserver/j_acegi_security_check", false);
                oReq.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
                oReq.setRequestHeader("Content-length", params.length);
                oReq.send(params);
            }
            catch (ee) {
                alert("Could not log into GeoServer with this UserID and Password.");
                return;
            }
            //Check to see if GeoServer rejected by looking for a certain string - not too elegant...
            if (oReq.responseText.toString().indexOf("Invalid username/password combination.") > 0) {
                alert("Could not log into GeoServer with this UserID and Password.");
                return;
            }
However, is there a better way than checking for "Invalid username/password combination." in the responsetext? (like a rest call?)
Roger

------------------------------------------------------------------------

------------------------------------------------------------------------------

------------------------------------------------------------------------

_______________________________________________
Geoserver-users mailing list
Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

--
Justin Deoliveira
OpenGeo - http://opengeo.org
Enterprise support for open source geospatial.