Problems getting GeoServer integration and style editor to work

[Jonas Mueller]

Hi all

I've been trying to set up the GeoServer integration according to the documentation (https://mapstore.readthedocs.io/en/latest/developer-guide/integrations/users/geoserver/#configure-mapstore) in order to get the style editor to work (https://mapstore.readthedocs.io/en/latest/user-guide/layer-settings/#style), but can't seem to get it working.

I'm using MapStore v2021.01.04, and GeoServer 2.19.2 with the following plugins: authkey-plugin,css-plugin,sldservice-plugin

It is possible to login to the GeoServer administrator interface using MapStore credentials (admin / admin). MapStore is appending a authkey parameter to GeoServer calls when I'm trying to access a layer's style tab in MapStore, but I'm still getting a basic authentication form.

Do you have any suggestions what I might have missed in the setup process? I've tried several times, also with different GeoServer versions, but can't get it to work.

Best Regards,

Jonas

[Lorenzo Natali]

Hi,

please make sure you correctly configured GeoServer, especially the last two steps. They are usually skipped, or not saved.

•  Go into the authentication page and open the "default" filter chain.
•  Add 'geostore' into the 'Selected' filters and put it on top, and save.

--
You received this message because you are subscribed to the Google Groups "mapstore-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mapstore-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/mapstore-users/58c79c62-31c8-4488-aa72-21e4b1dc9e5bn%40googlegroups.com.

[Jonas Mueller]

Hi

Thanks for your reply. I checked my GeoServer configuration again, and you were right about the filter chain. I hadn't seen that you have to click close and then save, so I fixed that now. Unfortunately, I still get a basic authentication form when trying to change a style in MapStore.

There's one thing I've noticed, which might be relevant here. I saw that MapStore adds an authkey param to GetLegendGraphics requests, so I took the URL and changed it to include an invalid authkey. This results in the following message from GeoServer: 

"HTTP ERROR 500 org.springframework.security.core.userdetails.UsernameNotFoundException: User not found in usergroupservice: geostore"

The message is somewhat expected, since I added an invalid authkey, but it still makes me think that the integrations works to some extent. A call to /geoserver/rest/about/version?authkey= results in a basic authentication form popping up, no matter if the supplied authkey is valid or not.

Is there anything that needs to be set up in regards to REST calls in GeoServer?

Best regards,

Jonas

[Jonas Mueller]

Hi again

Adding "geostore" to the "rest" filter chain seems to work, but I'm not sure if that's a good idea?

Best regards,

Jonas

[Lorenzo Natali]

Ok, 

so for the styler, I forgot to say that you can add the same configuration you set in default filter chain for /rest/ filter chain, and this should not show basic authentication anymore. 

About GetLegendGraphics request, yes, it adds it to every request that matches the URL you set in localConfig.json --> authenticationRules (so WMS getMap, GetLegendGraphic, WFS getFeature...). 

This is useful in case you have some protected layers (e.g. reserved to certain users) or if you use geofence. 

In case of wrong authkey, you receive that error, denying the access, and this is ok. 

Anyway I agree that the authkey module on GeoServer may respond with a more understandable status code, some 4xx one. 

To view this discussion on the web visit https://groups.google.com/d/msgid/mapstore-users/c0f2f4a1-7f40-4dc8-afe0-7ea3d8db721fn%40googlegroups.com.