-
Notifications
You must be signed in to change notification settings - Fork 417
MapStore2 users GeoServer integration with Authkey
Lorenzo Pini edited this page Oct 17, 2018
·
15 revisions
- GeoServer must have the Authkey Plugin Community Module installed
- MapStore2 Database must be reachable by GeoServer (H2 will not work, use PostgreSQL or Oracle)
- MapStore2 must be reachable by GeoServer
This example will focus on PostgreSQL database type
I am assuming this is a new installation, so no existing user or map will be preserved
- Follow Geostore wiki to setup a postgresql database (ignore the geostore_test part)
https://github.com/geosolutions-it/geostore/wiki/Building-instructions#building-geostore-with-postgres-support - Start Tomcat once to make it extract the war file
- Stop Tomcat
- Copy the WEB-INF/classes/db-conf/postgres.properties file over the WEB-INF/classes/geostore-database-ovr.properties
- Start Tomcat
- admin:admin
- user:user
Follow this https://github.com/geosolutions-it/geostore/tree/master/geoserver
Create the empty GeoStore database using scripts as described in GeoStore WIKI (geosolutions-it/geostore/wiki/Building-instructions#building-geostore-with-postgres-support).
- in GeoServer and add a new User Group Service
- Setup the User Group Service
- Select JDBC
- name: geostore
- Password encryption : Digest
- password policy default
- Driver org.postgresql.Driver (or JNDI)
- connection url jdbc:postgresql://localhost:5432/geostore (or the one for your setup)
- JNDI only: the JNDI resource name should look like this java:comp/env/jdbc/geostore
- set username and password for the db (user 'geostore' with password 'geostore')
- Save
- Place the provided files in the created directory under <gs_datadir>/security/usergroup/geostore .
- Then go back to geostore user group service (the ddl and dml path should have values in them)
- Save again
* Add a new Role Service
* select JDBC
* name geostore
* db org.postgresql.Driver
* connection url: jdbc:postgresql://localhost:5432/geostore (or JNDI, same as above)
* set user and password (user 'geostore' with password 'geostore')
* save
* add the provided files to the geostore directory under /<gs_datadir>/security/role/geostore and save again
* go Again in JDBC Role Service 'geostore'
* select Administrator role to ADMIN
* select Group Administrator Role to ADMIN
* go To Security Settings and set the 'Active role service' to “geostore”
* go to Authentication Section, scroll to Authentication Providers and Add a new one.
* select 'Username Password'
* name it “geostore”
* select “geostore” from the select box
* Save.
* go to Provider chain and move geostore in the right list, on top
* save
* Install the authkey module in GeoServer.
* Go to the authentication page and scroll into the 'Authentication Filters' section
* Click 'Add new'.
* Inside the 'New authentication Filter' page click on authkey module.
* Insert the name (i.e. 'geostore').
* Leave authkey as parameter name.
* Select the **Web Service** as 'Authentication key user mapper'.
* Select the created geostore's 'User/Group Service'.
* Input the mapstore2 url:
http://<your_hostname>:<mapstore2_port>/mapstore/rest/geostore/session/username/{key}
Examples:
```
http://localhost:36728/mapstore/rest/geostore/session/username/{key}
http://localhost/mapstore2/rest/geostore/session/username/{key}
http://mapstore2.geo-solutions.it/mapstore/rest/geostore/session/username/{key}
```
* Save.
* Go into the authentication page and open default filter chain.
* Add 'geostore' into the 'Selected' filters and put it on top, and save.
Note: in the User Groups and Roles Services available options there are "AuthKEY WebService Body Response - UserGroup Service from WebService Response Body" and "AuthKEY REST - Role service from REST endpoint". Ignore them as they are not supported from MapStore2.