POST
|
I have my GeoPortal 1.2.4 app all set up using connections to LDAP. Everything is working well security-wise, and now I want to enable single sign on. Without reading any documentation, I tried setting singleSignOn (in gpt.xml) to true to see what would happen. I am able to log in, and it shows my user name in the top with a welcome message and there is a logout link. After I navigate to any other page in the app (e.g.: click on "Search" tab), I am logged out. So, I decided I needed to research this a bit, and found these instructions: https://github.com/Esri/geoportal-server/wiki/Single-Sign-On#Modify_the_webxml_File Are those the correct instructions? We are using Tomcat, so I am following the Tomcat section in that documentation. The three sections in the docs are: 1) Modify the Tomcat server.xml File: The server.xml was already set up for LDAP before we started. We verified that everything was set up per the docs. As I said before, the connection to LDAP is working ok. No problems there - just trying to enable Single Sign On with other apps. 2) Update the geoportal gpt.xml file: Changed "false" to "true" - simple. 3) Modify the web.xml File: This is where I really ran into trouble. It tells us to uncomment certain sections, but our web.xml file looks NOTHING like the text in the instructions. Our security-constraint section looks like this:
<!--security-constraint>
<web-resource-collection>
<web-resource-name>Restricted content</web-resource-name>
<description>Restricted content</description>
<url-pattern>/Eros</url-pattern>
<url-pattern>/rest/usage/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint-->
Uncommenting this had no effect. I also tried copying the security-constraint from the docs into the file, but then we just get a Tomcat 403 error when we try to log in. Can anyone help me figure this out? Security seems to be working ok in the GeoPortal as a stand-alone app, so we just want to enable single sign on now. thanks!
... View more
06-17-2014
06:11 PM
|
0
|
1
|
3640
|
POST
|
Note that this wiki says we can add, modify, or delete from the list. https://github.com/Esri/geoportal-server/wiki/All-gpt.xml-file-settings How would we delete? thanks!
... View more
02-06-2014
01:19 PM
|
0
|
0
|
309
|
POST
|
Hi everyone. Here is my setup: -- I have my geoportal connecting just fine to my LDAP. -- I set <metadataAccessPolicy type="restricted"/> -- The <groups> tag is configured OK, and seems to be finding my groups in LDAP. Now, when I go to set an access level for a record, it shows me ALL the groups. Is there a way to get the <metadataManagementGroup> tags to specify to hide a given group? Some of them have to do with other apps, and are not relevant to metadata management. thanks, David
... View more
02-06-2014
11:00 AM
|
0
|
2
|
2010
|