Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes #37: initial implementation of security integration (automatic login using georchestra security headers) #69

Merged
merged 5 commits into from
Oct 24, 2019
Merged

Fixes #37: initial implementation of security integration (automatic login using georchestra security headers) #69

merged 5 commits into from
Oct 24, 2019

Conversation

mbarto
Copy link
Contributor

@mbarto mbarto commented Oct 17, 2019

  • upgraded MapStore to latest master
  • backend: custom geostore security configuration to automatically login using georchestra security proxy headers
    • username taken from header sec-username
    • groups taken from header sec-roles
    • role ADMIN assigned if user has group MAPSTORE_ADMIN
  • frontend automatic login at page load
  • (temporary) plugin to show current user role
  • (temporary) admin page skeleton

To test locally I suggest using the "Modify Headers" chrome extension to automatically set headers. This is an example:

image

@mbarto mbarto requested a review from offtherailz October 17, 2019 11:51
@landryb
Copy link
Member

landryb commented Oct 17, 2019

Just my 2c - it seems the PR mixes various things in a single commit, ie upgrading mapstore bits (isnt it supposed to just be 'point the submodule at another commit' ?) + adding some local config (pointing at hardcoded georchestra.geo-solutions.it urls ?) and adding the bits to configure the header auth module in geostore-spring-security.xml, and maaany other seemingly unrelated bits.

For the sake of clarity & history readability, can we get meaningful commits with clearly identified changes ? Or its just a first shot and not meant for final review/merge ?

mbarto added 3 commits October 18, 2019 15:11
@mbarto
Updated MapStore2 submodule to latest master (and some configuration …
2ba122f 
…files changed for compatibility with this)
@mbarto
georchestra#37: updated spring security configuration to enable georc…
1fa0939 
…hestra security proxy headers usage, also updated geostore to latest version to use latest security improvements
@mbarto
georchestra#37: frontend initial support for authentication through t…
9df391a 
…he georchestra security-proxy
@mbarto mbarto merged commit 7b5ac64 into georchestra:master Oct 24, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@offtherailz offtherailz offtherailz approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mbarto @landryb @offtherailz