Request Headers Pre Authentication
mbarto edited this page Apr 23, 2015 · 1 revision
GeoStore supports authentication using a set of configurable request headers.
It is NOT enabled by default.
To enable it, add a custom filter and the related bean configuration to the Spring Security configuration file:
```xml
<security:http auto-config="true" create-session="never">
    ...
    <security:custom-filter ref="headersFilter" before="PRE_AUTH_FILTER"/>
    ...
</security:http>

<bean class="it.geosolutions.geostore.services.rest.security.GeoStoreRequestHeadersAuthenticationFilter"
      id="headersFilter">
    <property name="userNameHeader" value="username"/>
    <property name="credentialsHeader" value="password"/>
    <property name="autoCreateUser" value="true"/>
    <property name="userMapper" ref="headersMapper"/>
</bean>

<bean class="it.geosolutions.geostore.core.security.MapExpressionUserMapper"
      id="headersMapper">
    <constructor-arg>
        <map>
            <entry key="email" value="email"/>
            <entry key="logintype" value="'headers'"/>
            <entry key="UUID" value="T(java.util.UUID).randomUUID().toString()"/>
        </map>
    </constructor-arg>
</bean>
```
The following properties are supported:
- userNameHeader: header containing the username
- credentialsHeader: header containing the user password
- autoCreateUser: if true, users that do not exist yet are created, with the password in credentialsHeader (or no password if this is missing)
- enableAutoCreatedUsers: if false, auto created users are disabled
- userMapper: a MapExpressionUserMapper that can map additional headers to user attributes, upon creation
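
A variant of the filter bean above that also sets enableAutoCreatedUsers, the one listed property the sample configuration leaves out, so that accounts created from request headers start out disabled. This is an added example, not GeoStore's own configuration; it assumes the property is set on the same filter bean with a boolean value, and it reuses the headersMapper bean defined in the configuration above.

```xml
<!-- Added example: same filter as in the sample configuration, with auto-created users left disabled. -->
<bean class="it.geosolutions.geostore.services.rest.security.GeoStoreRequestHeadersAuthenticationFilter"
      id="headersFilter">
    <!-- Header names are the ones used in the sample configuration on this page -->
    <property name="userNameHeader" value="username"/>
    <property name="credentialsHeader" value="password"/>
    <!-- Users that do not exist yet are still created from the headers ... -->
    <property name="autoCreateUser" value="true"/>
    <!-- ... but, per the property list, auto-created users are disabled when this is false.
         Assumption: the property is set on this bean like the others. -->
    <property name="enableAutoCreatedUsers" value="false"/>
    <!-- headersMapper is the MapExpressionUserMapper bean from the sample configuration -->
    <property name="userMapper" ref="headersMapper"/>
</bean>
```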