Hi Indian First, please stay on the user list, this thread may interest some other users too and perhaps we get some further tips.
Some questions 1) Do you want to use the GeoServer admin GUI for creating features/styles or the REST API (configuring without a GUI) 2) Which GeoServer do you use. Starting with 2.2.x, we have a more powerful security subsystem offering more possibilities for authentication. Please answer these questions Christian Zitat von "indian.ganesh" <[email protected]>: > Hi Christian, > > i am using login dialog only to supply the username and > password dynamically. and that login dialog will make a submit request to > local server. then local server will authenticate the user whether he is > authorized to make authentication to geoserver or not. > > if the credentials passed by the user are authenticated by > local server then i am trying to perform geoserver authentication. will > this create any issue in geoserver authentication? > > > On 20 September 2012 18:31, <[email protected]> wrote: > >> Hi >> >> Some explanations. Do not mix basic auth and form based auth. If you want >> to log in and create a servers session using form based auth, look here >> >> https://getsatisfaction.com/**opengeo/topics/auth_in_** >> geoserver_with_html_php_js<https://getsatisfaction.com/opengeo/topics/auth_in_geoserver_with_html_php_js> >> >> You can see an example. I would recommend this for your needs. >> >> If you do not want to create an HTTP session and use basic auth, then look >> here >> http://coderseye.com/2007/how-**to-do-http-basic-auth-in-ajax.**html<http://coderseye.com/2007/how-to-do-http-basic-auth-in-ajax.html>. >> If you use basic auth, you have to resend the "Authorization" header for >> each request. I think this is not what you want. >> >> >> Christian >> >> >> >> >> >> Zitat von "indian.ganesh" <[email protected]>: >> >> hi Christian, >>> >>> i'm little bit confused.. >>> >>> following is my code for authentication >>> >>> showLoginDialog: function() { >>> var panel = new Ext.FormPanel({ >>> url: >>> "http://localhost/Ganesh/**login_response.json<http://localhost/Ganesh/login_response.json> >>> ", >>> frame: true, >>> labelWidth: 60, >>> defaultType: "textfield", >>> >>> errorReader: { >>> read: function(response) { >>> var success = false; >>> var records = []; >>> if (response.status === 200) { >>> success = true; >>> } else { >>> records = [ >>> {data: {id: "username", msg: "invalid Username >>> or password."}}, >>> {data: {id: "password", msg: "invalid Username >>> or password."}} >>> ]; >>> } >>> return { >>> success: success, >>> records: records >>> }; >>> } >>> }, >>> items: [{ >>> fieldLabel: "User", >>> name: "username", >>> allowBlank: false >>> }, { >>> fieldLabel: "password", >>> name: "password", >>> inputType: "password", >>> allowBlank: false >>> }], >>> buttons: [{ >>> text: "Login", >>> formBind: true, >>> handler: submitLogin, >>> scope: this >>> }], >>> keys: [{ >>> key: [Ext.EventObject.ENTER], >>> handler: submitLogin, >>> scope: this >>> }] >>> }); >>> function submitLogin() { >>> panel.buttons[0].disable(); >>> panel.getForm().submit({ >>> success: function(form, action) { >>> var response = JSON.parse(action.response.**responseText); >>> this.setAuthorizedRoles(["**ROLE_ADMINISTRATOR"]); >>> >>> app.mapPanel.getTopToolbar().**items.each(function(tool) >>> { >>> if (tool.needsAuthorization === true) { >>> tool.enable(); >>> } >>> }); >>> // var user = form.findField('username').** >>> getValue(); >>> var user = response.username; >>> var pwd = response.password; >>> >>> var tok = user + ':' + pwd; >>> var auth = "Basic "+ Base64.encode(tok); >>> var url = >>> 'http://localhost:8080/**geoserver/j_spring_security_**check<http://localhost:8080/geoserver/j_spring_security_check> >>> '; >>> Ext.Ajax.request({ >>> url : url, >>> method : 'POST', >>> scriptTag: true, >>> params: { >>> username: user, >>> password: pwd >>> }, >>> // headers : { Authorization : auth }, >>> success: function(response){ >>> app.setCookieValue(app.**cookieParamName, user); >>> app.showLogout(user); >>> }, >>> failure: function(response) { >>> app.clearCookieValue(app.**cookieParamName); >>> app.showLoginDialog(); >>> } >>> }); >>> win.close(); >>> }, >>> failure: function(form, action) { >>> this.authorizedRoles = []; >>> panel.buttons[0].enable(); >>> form.markInvalid({ >>> "username": "invalid Username or password.", >>> "password": "invalid Username or password." >>> }); >>> }, >>> scope: this >>> }); >>> } >>> >>> var win = new Ext.Window({ >>> title: this.loginText, >>> layout: "fit", >>> width: 260, >>> height: 130, >>> plain: true, >>> border: false, >>> modal: true, >>> items: [panel] >>> }); >>> win.show(); >>> }, >>> >>> in which the url >>> "http://localhost/Ganesh/**login_response.json<http://localhost/Ganesh/login_response.json>" >>> provides a >>> json which is created for test purpose as follows >>> >>> { >>> "status" : true, >>> "username": "admin", >>> "password": "admin132", >>> "message": "the login successful" >>> } >>> >>> after that i make a request to the geoserver/j_spring_security_**check as >>> shown in the code >>> >>> but i do not get authenticated to the geoserver as the last two requests >>> to >>> geoserver doesn't fulfill >>> >>> if you can provide a working example related to the geoserver basic http >>> authentication from client side apart from GeoExplorer one . i'll be very >>> thankful to you.. sir >>> >>> >> >> >> ------------------------------**------------------------------**---- >> This message was sent using IMP, the Internet Messaging Program. >> >> >> > ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Geoserver-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-users
