I have configured the Drupal user/role plugin, but am unable to authenticate with Geoserver when logging in via Cartaro. I get the following error:

Failed to authenticate you with GeoServer. Some map services won't be available.

How can I troubleshoot? I.e. how can I find what is misconfigured, not working properly, etc?

Comments

brylie’s picture

brylie CreditAttribution: brylie commented

The provider needs to be selected for the provider chain in order to be used.

I added the provider to the provider chain and things work. Please add this information to the documentation page:
http://cartaro.org/documentation/using-drupal-users-and-roles-geoserver

augustus.kling’s picture

augustus.kling CreditAttribution: augustus.kling commented

I think I don't get the problem. The linked page already says:

Activate the authentication provider by moving it into the list of active providers (Security » Authentication » Authentication Providers). GeoServer will now acquire a database connection to your Drupal instance and accept Drupal users for login thereafter.

Then a screenshot follows with the provider chain configuration.

Why and where do you recommend the extra sentence?

mtoscano’s picture

mtoscano CreditAttribution: mtoscano commented

I followed carefully the instruction on http://cartaro.org/documentation/using-drupal-users-and-roles-geoserver but when I arrive at the last step (Activate the authentication provider by moving it into the list of active providers) I receive the error: java.lang.RuntimeException: java.lang.RuntimeException: Could not load workspace administrators and if I go to Server Status it says: Oops, something went wrong... and then

org.apache.wicket.WicketRuntimeException: Can't instantiate page using constructor public org.geoserver.web.admin.StatusPage()
	at org.apache.wicket.session.DefaultPageFactory.createPage(DefaultPageFactory.java:212)
	at org.apache.wicket.session.DefaultPageFactory.newPage(DefaultPageFactory.java:57)
	at org.apache.wicket.request.target.component.BookmarkablePageRequestTarget.newPage(BookmarkablePageRequestTarget.java:298)
	at org.apache.wicket.request.target.component.BookmarkablePageRequestTarget.getPage(BookmarkablePageRequestTarget.java:320)
	at org.apache.wicket.request.target.component.BookmarkablePageRequestTarget.processEvents(BookmarkablePageRequestTarget.java:234)
	at org.apache.wicket.request.AbstractRequestCycleProcessor.processEvents(AbstractRequestCycleProcessor.java:92)
	at org.apache.wicket.RequestCycle.processEventsAndRespond(RequestCycle.java:1250)
	at org.apache.wicket.RequestCycle.step(RequestCycle.java:1329)
	at org.apache.wicket.RequestCycle.steps(RequestCycle.java:1436)
	at org.apache.wicket.RequestCycle.request(RequestCycle.java:545)
	at org.apache.wicket.protocol.http.WicketFilter.doGet(WicketFilter.java:484)
	at org.apache.wicket.protocol.http.WicketServlet.doGet(WicketServlet.java:138)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
	at org.springframework.web.servlet.mvc.ServletWrappingController.handleRequestInternal(ServletWrappingController.java:159)
	at org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
	at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:923)
	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:852)
	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:882)
	at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:778)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:654)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1320)
	at org.geoserver.filters.ThreadLocalsCleanupFilter.doFilter(ThreadLocalsCleanupFilter.java:27)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1291)
	at org.geoserver.filters.SpringDelegatingFilter$Chain.doFilter(SpringDelegatingFilter.java:74)
	at org.geoserver.flow.controller.IpBlacklistFilter.doFilter(IpBlacklistFilter.java:87)
	at org.geoserver.filters.SpringDelegatingFilter$Chain.doFilter(SpringDelegatingFilter.java:70)
	at org.geoserver.filters.SpringDelegatingFilter.doFilter(SpringDelegatingFilter.java:45)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1291)
	at org.geoserver.platform.AdvancedDispatchFilter.doFilter(AdvancedDispatchFilter.java:49)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1291)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:311)
	at org.geoserver.security.filter.GeoServerCompositeFilter$NestedFilterChain.doFilter(GeoServerCompositeFilter.java:68)
	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:116)
	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
	at org.geoserver.security.filter.GeoServerCompositeFilter$NestedFilterChain.doFilter(GeoServerCompositeFilter.java:72)
	at org.geoserver.security.filter.GeoServerCompositeFilter.doFilter(GeoServerCompositeFilter.java:91)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.geoserver.security.filter.GeoServerCompositeFilter$NestedFilterChain.doFilter(GeoServerCompositeFilter.java:68)
	at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
	at org.geoserver.security.filter.GeoServerCompositeFilter$NestedFilterChain.doFilter(GeoServerCompositeFilter.java:72)
	at org.geoserver.security.filter.GeoServerCompositeFilter.doFilter(GeoServerCompositeFilter.java:91)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.geoserver.security.filter.GeoServerAnonymousAuthenticationFilter.doFilter(GeoServerAnonymousAuthenticationFilter.java:53)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.geoserver.security.filter.GeoServerCompositeFilter$NestedFilterChain.doFilter(GeoServerCompositeFilter.java:68)
	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:182)
	at org.geoserver.security.filter.GeoServerCompositeFilter$NestedFilterChain.doFilter(GeoServerCompositeFilter.java:72)
	at org.geoserver.security.filter.GeoServerCompositeFilter.doFilter(GeoServerCompositeFilter.java:91)
	at org.geoserver.security.filter.GeoServerUserNamePasswordAuthenticationFilter.doFilter(GeoServerUserNamePasswordAuthenticationFilter.java:115)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.geoserver.security.filter.GeoServerCompositeFilter$NestedFilterChain.doFilter(GeoServerCompositeFilter.java:68)
	at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:146)
	at org.geoserver.security.filter.GeoServerCompositeFilter$NestedFilterChain.doFilter(GeoServerCompositeFilter.java:72)
	at org.geoserver.security.filter.GeoServerCompositeFilter.doFilter(GeoServerCompositeFilter.java:91)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.geoserver.security.filter.GeoServerCompositeFilter$NestedFilterChain.doFilter(GeoServerCompositeFilter.java:68)
	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
	at org.geoserver.security.filter.GeoServerSecurityContextPersistenceFilter$1.doFilter(GeoServerSecurityContextPersistenceFilter.java:52)
	at org.geoserver.security.filter.GeoServerCompositeFilter$NestedFilterChain.doFilter(GeoServerCompositeFilter.java:72)
	at org.geoserver.security.filter.GeoServerCompositeFilter.doFilter(GeoServerCompositeFilter.java:91)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:173)
	at org.geoserver.security.GeoServerSecurityFilterChainProxy.doFilter(GeoServerSecurityFilterChainProxy.java:134)
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1291)
	at org.geoserver.filters.LoggingFilter.doFilter(LoggingFilter.java:75)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1291)
	at org.geoserver.filters.GZIPFilter.doFilter(GZIPFilter.java:42)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1291)
	at org.geoserver.filters.SessionDebugFilter.doFilter(SessionDebugFilter.java:47)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1291)
	at org.geoserver.filters.FlushSafeFilter.doFilter(FlushSafeFilter.java:43)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1291)
	at org.vfny.geoserver.filters.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:109)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1291)
	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:443)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:532)
	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:227)
	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1044)
	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:372)
	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:189)
	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:978)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
	at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)
	at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154)
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
	at org.eclipse.jetty.server.Server.handle(Server.java:369)
	at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:486)
	at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:933)
	at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:995)
	at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644)
	at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)
	at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
	at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668)
	at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)
	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
	at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
	at java.lang.Thread.run(Thread.java:695)
Caused by: java.lang.reflect.InvocationTargetException
	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
	at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
	at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
	at org.apache.wicket.session.DefaultPageFactory.createPage(DefaultPageFactory.java:192)
	... 103 more
Caused by: java.lang.RuntimeException: java.io.IOException: org.postgresql.util.PSQLException: FATAL: role "admin" does not exist
	at org.cartaro.geoserver.security.drupal.filter.DrupalDataAccessRuleDAO.getRules(DrupalDataAccessRuleDAO.java:61)
	at org.geoserver.security.impl.DefaultDataAccessManager.buildAuthorizationTree(DefaultDataAccessManager.java:117)
	at org.geoserver.security.impl.DefaultDataAccessManager.checkPropertyFile(DefaultDataAccessManager.java:109)
	at org.geoserver.security.impl.DefaultDataAccessManager.canAccess(DefaultDataAccessManager.java:72)
	at org.geoserver.security.DataAccessManagerAdapter.getAccessLimits(DataAccessManagerAdapter.java:84)
	at org.geoserver.security.ResourceAccessManagerWrapper.getAccessLimits(ResourceAccessManagerWrapper.java:217)
	at org.geoserver.security.CatalogFilterAccessManager.getAccessLimits(CatalogFilterAccessManager.java:69)
	at org.geoserver.security.SecureCatalogImpl.buildWrapperPolicy(SecureCatalogImpl.java:771)
	at org.geoserver.security.SecureCatalogImpl.checkAccess(SecureCatalogImpl.java:549)
	at org.geoserver.security.SecureCatalogImpl.checkAccess(SecureCatalogImpl.java:472)
	at org.geoserver.security.SecureCatalogImpl$1.apply(SecureCatalogImpl.java:1413)
	at org.geoserver.security.SecureCatalogImpl$1.apply(SecureCatalogImpl.java:1409)
	at com.google.common.collect.Iterators$8.next(Iterators.java:812)
	at org.geoserver.catalog.util.CloseableIteratorAdapter.next(CloseableIteratorAdapter.java:55)
	at com.google.common.collect.Iterators$7.computeNext(Iterators.java:648)
	at com.google.common.collect.AbstractIterator.tryToComputeNext(AbstractIterator.java:143)
	at com.google.common.collect.AbstractIterator.hasNext(AbstractIterator.java:138)
	at org.geoserver.catalog.util.CloseableIteratorAdapter.hasNext(CloseableIteratorAdapter.java:45)
	at com.google.common.collect.Iterators$8.hasNext(Iterators.java:807)
	at org.geoserver.catalog.util.CloseableIteratorAdapter.hasNext(CloseableIteratorAdapter.java:45)
	at com.google.common.collect.Iterators$8.hasNext(Iterators.java:807)
	at org.geoserver.catalog.util.CloseableIteratorAdapter.hasNext(CloseableIteratorAdapter.java:45)
	at org.geoserver.web.admin.StatusPage.getLockCount(StatusPage.java:256)
	at org.geoserver.web.admin.StatusPage.updateModel(StatusPage.java:169)
	at org.geoserver.web.admin.StatusPage.<init>(StatusPage.java:80)
	... 108 more
Caused by: java.io.IOException: org.postgresql.util.PSQLException: FATAL: role "admin" does not exist
	at org.cartaro.geoserver.security.drupal.DrupalRoleService.getLayerAccessRules(DrupalRoleService.java:290)
	at org.cartaro.geoserver.security.drupal.filter.DrupalDataAccessRuleDAO.getRules(DrupalDataAccessRuleDAO.java:59)
	... 132 more
Caused by: org.postgresql.util.PSQLException: FATAL: role "admin" does not exist
	at org.postgresql.core.v3.ConnectionFactoryImpl.readStartupMessages(ConnectionFactoryImpl.java:469)
	at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:110)
	at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:64)
	at org.postgresql.jdbc2.AbstractJdbc2Connection.<init>(AbstractJdbc2Connection.java:123)
	at org.postgresql.jdbc3.AbstractJdbc3Connection.<init>(AbstractJdbc3Connection.java:28)
	at org.postgresql.jdbc3g.AbstractJdbc3gConnection.<init>(AbstractJdbc3gConnection.java:20)
	at org.postgresql.jdbc3g.Jdbc3gConnection.<init>(Jdbc3gConnection.java:22)
	at org.postgresql.Driver.makeConnection(Driver.java:391)
	at org.postgresql.Driver.connect(Driver.java:265)
	at java.sql.DriverManager.getConnection(DriverManager.java:582)
	at java.sql.DriverManager.getConnection(DriverManager.java:207)
	at org.cartaro.geoserver.security.drupal.DrupalDatabaseConnector.accquireConnection(DrupalDatabaseConnector.java:113)
	at org.cartaro.geoserver.security.drupal.DrupalDatabaseConnector.connect(DrupalDatabaseConnector.java:77)
	at org.cartaro.geoserver.security.drupal.DrupalUserGroupService.getWorkspaceAdministrators(DrupalUserGroupService.java:319)
	at org.cartaro.geoserver.security.drupal.DrupalRoleService.getLayerAccessRules(DrupalRoleService.java:286)
	... 133 more

Installing Cartaro I used the default Geoserver user (admin/geoserver) and I used this user also to connect to the Drupal database creating the new Authentication Provider and the User Group Service.

mtoscano’s picture

mtoscano CreditAttribution: mtoscano commented

If I try to login back in Geoserver it now says Invalid username/password combination!

azuledu’s picture

azuledu CreditAttribution: azuledu commented

you can log into GeoServer with the root account:
http://docs.geoserver.org/latest/en/user/security/root.html

mtoscano’s picture

mtoscano CreditAttribution: mtoscano commented

Fixed. I was using admin Drupal user creating the new Authentication Provider and the User Group Service instead of the Postgres database user.

mtoscano’s picture

mtoscano CreditAttribution: mtoscano commented
Issue summary: View changes
Status: Active » Fixed
augustus.kling’s picture

augustus.kling CreditAttribution: augustus.kling commented

For the reference in case somebody else experience the same problem. The following is from the provided stack trace and basically tells that it was tried to access PostgreSQL with a user admin that does not exist. The fix is to provide the correct PostgreSQL user name when setting up the user/group service in GeoServer.

Caused by: java.lang.RuntimeException: java.io.IOException:
org.postgresql.util.PSQLException: FATAL: role "admin" does not exist
at
org.cartaro.geoserver.security.drupal.filter.DrupalDataAccessRuleDAO.getRules(DrupalDataAccessRuleDAO.java:61)
at
org.geoserver.security.impl.DefaultDataAccessManager.buildAuthorizationTree(DefaultDataAccessManager.java:117)

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.