Context
In my current project, I've the requirement to validate that requests coming to GeoServer (2.3.0) are allowed.
The project holds those facts:
The documentation is telling us that we should be able to do so...
However, the documentation is not clear how to create such components and how they should be configured.
Debugging GeoServer I managed to find that to configure such a filter, it requires a dedicated Authentication Provider. That, in order to have a panel in the web admin interface (under authentications, in the Authentication Filters list)
Panel
Thus my code is composed of those files:
The ProducteurAuthenticationFilterConfig declares that in its constructor:
setClassName(ProducteurAnonymousAuthenticationProvider.class.getName());setName("producteur");Filter (and Provider)
Now, the classes needed to create a filter to be included in a chain (I guess):
At the end of the game, in the Web Admin Interface I've a new Item in the filter panel, and I used it in the default mapping (see image below for references):
Problem description
Here we are...
None of my WFS request issued by a client (OpenLayers) which are matching the default mapping (/**) is going through the defined Filter.While debugging I found that the filter chains defined in the Spring Context are never including my definition, but rather are always including the classical one using either anonymous, digest or basic...
Question
So is there anyone able to point me out with a (much ^^) more complete documentation about how I have to do it?
أكثر...
In my current project, I've the requirement to validate that requests coming to GeoServer (2.3.0) are allowed.
The project holds those facts:
- the GS client cannot provide the principal information (the passwordfor instance), GS itself has no connection with a user/role repo
- a valid request (to a specific WFS' layer) contains a special HTTP Header (let's say X-CUSTOM-VALID)
- This header is a JSON encoded message holding enough information to validate the fact that the request was initiated by a client that was connected to a valid third system (a username, a secret, stuffs like that)
The documentation is telling us that we should be able to do so...
However, the documentation is not clear how to create such components and how they should be configured.
Debugging GeoServer I managed to find that to configure such a filter, it requires a dedicated Authentication Provider. That, in order to have a panel in the web admin interface (under authentications, in the Authentication Filters list)
Panel
Thus my code is composed of those files:
- ProducteurAuthFilterPanel.java
- ProducteurAuthFilterPanelInfo.java
- ProducteurAuthenticationFilterConfig.java
- ProducteurAuthenticationFilterPanel.html
The ProducteurAuthenticationFilterConfig declares that in its constructor:
setClassName(ProducteurAnonymousAuthenticationProvider.class.getName());setName("producteur");Filter (and Provider)
Now, the classes needed to create a filter to be included in a chain (I guess):
- ProducteurAuthenticationFilter : the filter implementation extending GeoServerSecurityFilter and implementing GeoServerAuthenticationFilter
- ProducteurAnonymousAuthenticationProvider: somehow required by the Panel (above) to define the new filter
- ProducteurAuthenticationException: used in the AuthenticationEntryPoint (only Http403ForbiddenEntryPoint for now)
At the end of the game, in the Web Admin Interface I've a new Item in the filter panel, and I used it in the default mapping (see image below for references):
Problem description
Here we are...
None of my WFS request issued by a client (OpenLayers) which are matching the default mapping (/**) is going through the defined Filter.While debugging I found that the filter chains defined in the Spring Context are never including my definition, but rather are always including the classical one using either anonymous, digest or basic...
Question
So is there anyone able to point me out with a (much ^^) more complete documentation about how I have to do it?
أكثر...