Hi Deen

Yes, that extra Save step has caught me and my team once or twice before!

For your external authkey web service returning:

{"user": "admin"}
or
{"user": "xxxx", "whatever":"whatever"}

you'll need a regex along the lines of:

"user": "(.+)"
or
"user":\s*"([^"]+)"

rather than the one you have:

^.*?\"user\"\\s*:\\s*\"([^\"]+)\".*$

which will match "json response where the username is contained in a *property
*named user" according to the documentation at
https://docs.geoserver.org/stable/en/user/community/authkey/index.html#key-provider-using-an-external-web-service

Regards

Peter


On Sun, 8 Dec 2019 at 15:21, Deen <kensong...@gmail.com> wrote:

> Hi Peter,
>
> My bad, I did it as well and but just forgot to click the "save" button,
> that's why I didn't see the magic:) Anyway, I continue a bit further with
> the key provider using an external web service, somehow I got stuck.
>
> *Wha I did:*
>
> 1. setup a dummy rest end point for auth with Nodejs:
> http://127.0.0.1:3000/auth/{mytoken}
>     curl -X GET http://127.0.0.1:3000/auth/xxxx
>     it always return json response {"user": "admin"}
>
> 2. Then setup the Authentication Filter again as below
> <http://osgeo-org.1560.x6.nabble.com/file/t379129/authkey.png>
>
> 3. keep the same service rule, apply and save the filter to default as your
> instruction
>
> *What I expect:*
> it should give me the capabilities document with following requrest
>
> curl -X GET
> '
> http://localhost:8080/geoserver/wms?service=WMS&version=2.0.0&request=GetCapabilities&authkey=xxxx
> '
>
> Instead I am getting the 401 again. then I checked the logs
>
> 08 Dec 13:32:16 WARN [geoserver.security] - Error in
> WebServiceAuthenticationKeyMapper, cannot find userName in response
> 08 Dec 13:32:16 WARN [geoserver.security] - No User Group Service
> configured
> for webservice url [http://127.0.0.1:3000/auth/{key}] with authkey: xxxx
>
> I did saw geoserver making request with replacing key to my rest end point,
> and the rest end point did repsonse the json.
> By checking the geoserver source code  here
> <
> https://github.com/geoserver/geoserver/blob/ad7eb9041ff5dab135cba61798e8415c3b91097d/src/extension/authkey/src/main/java/org/geoserver/security/WebServiceAuthenticationKeyMapper.java#L188>
>
> .
>
> I realized that it happens because the repsonse body doesn't match the
> regex
> pattern, but how come?
> Isn't the json responose structure like {"user": "xxxx", "whatever":
> "whatever"} with the current regex ?
>
> Regards & Thanks in advance
> Deen
>
>
>
>
>
> --
> Sent from:
> http://osgeo-org.1560.x6.nabble.com/GeoServer-User-f3786390.html
>
>
> _______________________________________________
> Geoserver-users mailing list
>
> Please make sure you read the following two resources before posting to
> this list:
> - Earning your support instead of buying it, but Ian Turton:
> http://www.ianturton.com/talks/foss4g.html#/
> - The GeoServer user list posting guidelines:
> http://geoserver.org/comm/userlist-guidelines.html
>
> If you want to request a feature or an improvement, also see this:
> https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer
>
>
> Geoserver-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/geoserver-users
>
_______________________________________________
Geoserver-users mailing list

Please make sure you read the following two resources before posting to this 
list:
- Earning your support instead of buying it, but Ian Turton: 
http://www.ianturton.com/talks/foss4g.html#/
- The GeoServer user list posting guidelines: 
http://geoserver.org/comm/userlist-guidelines.html

If you want to request a feature or an improvement, also see this: 
https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer


Geoserver-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-users

Reply via email to