Authentication Filters¶
- Authentication filters perform a variety of tasks, including:
- gathering user credentials from a request, for example from Basic and Digest Authentication headers
- handling events such as ending the session (logging out), or setting the “Remember Me” browser cookie
- performing session integration, detecting existing sessions and creating new sessions if necessary
- invoking the authentication provider chain to perform actual authentication
- Available filters are:
- J2EE - Delegates to servlet container for authentication
- Anonymous - Authenticates anonymously performing no actual authentication
- Remember Me - Authenticates by recognizing authentication from a previous request
- Form - Authenticates by processing username/password from a form submission
- X.509 - Authenticates by extracting the common name (cn) of a X.509 certificate
- HTTP Header - Authenticates by checking existence of an HTTP request header
- Basic - Authenticates using HTTP basic authentication
- Digest - Authenticates using HTTP digest authentication
Some filter chains are available to be able to configure which filters are to be used in a different context.
- Available chains are:
- Web UI
- Web UI Login
- Web UI Logout
- Default
Many filters can be active for a particular chain at the same time, just add them to the filter chain.
Now we will modify the Default authentication filter, to disable anonymous access for OWS services:
From the Welcome page click the Authentication link on the Menu Security section.
Select Default from Request chain combo box.
Select the anonymous element in the Selected list of the Filter chains menu
Click the arrow left button to add the element to the Available list
Click the Save button.
Now we are going to verify that the anonymous user is not allowed to launch ows requests:
From the Welcome page click the Demos link on the Menu.
Click the Demo requests link
Select WMS_getMap.url from Request combo box.
Click the Submit button.
You should get an error like: HTTP response: 401. Now let’s try with an authenticated user:
- Insert geosolutions in the Username text field.
- Insert Geos in the Password text field.
- Click the Submit button.
You should get the usual united states map.