authkey problem

58 views
Skip to first unread message
Assigned to lorenzo...@geosolutionsgroup.com by me

Jiafeng Wang

unread,
Feb 29, 2024, 6:43:21 AMFeb 29
to mapstore-users
I completely followed this page MapStore/GeoServer users integration to use Authkey Plugin Community Module with GeoServer. All the users, groups and roles are shared with GeoServer well. But when need get tiles from geoserver, the log of MapStore show below:

ID: 159
Address: http://192.168.1.243/mapstore/rest/geostore/session/username/xxxxxxxx-olut-11ee-afd0-17214358a104
Http-Method: GET
Content-Type:
Headers: {Accept=[text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2], connection=[close], Content-Type=[null], host=[192.168.1.243], user-agent=[GeoTools HTTPClient (30.1)], x-forwarded-for=[172.18.0.1], x-forwarded-host=[192.168.1.243], x-forwarded-proto=[http], x-real-ip=[172.18.0.1]}
--------------------------------------
WARN 2024-02-29 07:09:04.296 it.geosolutions.geostore.services.rest.security.oauth2.OAuth2SessionServiceDelegate::getUserName:395 - Refresh was set to true but this delegate is not supporting refreshing token when retrieving the user...
29-Feb-2024 07:09:04.296 INFO [http-nio-8080-exec-3] org.apache.cxf.interceptor.LoggingOutInterceptor.null Outbound Message
---------------------------
ID: 159
Response-Code: 204
Content-Type: text/plain
Headers: {Cache-Control=[no-cache], Expires=[-1], Date=[Wed, 28 Feb 2024 23:09:04 GMT], Content-Length=[0]}

PixPin_2024-02-29_19-35-04.png

Lorenzo Natali

unread,
Feb 29, 2024, 6:47:00 AMFeb 29
to mapstore-users
Hi,
I think it is only a warning but it should not affect the integration.
Moreover, if you are not using the oauth2, maybe it seems even less meanful. 
Message has been deleted

Jiafeng Wang

unread,
Feb 29, 2024, 8:34:00 AMFeb 29
to mapstore-users
Thanks a lot for reply.
But when I try to access the link with authkey (http://192.168.1.243:5434/geoserver/ows?service=WMS&version=1.3.0&request=GetCapabilities&authkey=71d39220-d31c-11ee-afd0-17214358a104), it will show the HTTP 500 ERRO, it says "User not found in usergroupservice: geostore". I am double checked all the setting with the DOC of MapStore/GeoServer users integration, and I am sure the uuid in postgres DB is matched.
PixPin_2024-02-29_21-07-01.png
postgres DB

PixPin_2024-02-29_21-07-0ggg1.png

Lorenzo Natali

unread,
Feb 29, 2024, 11:31:20 AMFeb 29
to mapstore-users
Hi,
The UUID stored there is not the one used by the application.
the correct authkey is generated and shared only once at login, without storing them anywere.

You can see in the documentation the workflow makes the authkey (that is generated dynamically and not stored in db actually) is validate to mapstore REST API (the URL you configured in API), then searched on the database.

The UUID you have found is a part of an old authentication system, still there for backward compatibility but not used by MapStore main product anymore. 



Jiafeng Wang

unread,
Mar 1, 2024, 3:57:44 AMMar 1
to mapstore-users
I understand,  really appreciate for reply. 
But I still have a problem, when I remove the 'anonymous' in 'Default' Filter chain with my GeoServer, then MapStore can not get any resouce from it. 
So I've determined that MapStore is not using the authkey to make a request to the GeoServer. Is that right
Apologize for my poor English.


PixPin_2024-03-01_16-49-27.png
微信截图_20240301165126.png

Jiafeng Wang

unread,
Mar 1, 2024, 4:07:50 AMMar 1
to mapstore-users
This is my localConfig.json, and my GeoServer url is http://10.19.91.108:5434/geoserver
I tried these two different 'urlPattern', but both cause the same erro.
1.  "urlPattern": "http\\:\\/\\/10\\.19\\.91\\.108\\:5434\\/geoserver\\/.*",
2.  "urlPattern": "\\/geoserver/.*",

localConfig.json

Lorenzo Natali

unread,
Mar 1, 2024, 4:18:58 AMMar 1
to mapstore-users
In your localConfig.json there are two "authenticationRules" entries. 
You should have only one (in the case usually the second overrides the first, so probably you modified the first and see no effect, this can the cause of the issue you described).
Add to the original authenticationRules entry your section about GeoServer's authentication and ensure that only one is present in the JSON.

Jiafeng Wang

unread,
Mar 1, 2024, 4:27:00 AMMar 1
to mapstore-users
OMG...I've made the lowest mistake of all.
Thank you so much.
I am really   appreciate for your help.

Lorenzo Natali

unread,
Mar 1, 2024, 4:30:05 AMMar 1
to mapstor...@googlegroups.com
You are welcome,
and thank you for using MapStore.

--
You received this message because you are subscribed to the Google Groups "mapstore-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mapstore-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/mapstore-users/18ec751c-68d5-470a-9108-a550a39e0377n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages