AnsweredAssumed Answered

Problem adding a secured wms layer from Geoserver to AGOL

Question asked by suzanab on Jun 20, 2019
Latest reply on Jul 3, 2019 by cwhitmore-esristaff

Hi everyone,

I am having some unexpected behaviour when attempting to access a secured layer from Geoserver, in AGOL.  I have a GEOSERVER instance that responds to both HTTP and HTTPS requests (it redirects http to https), it has both secured and unsecured layers and has CORS configured. 

 

Problems with addition of domain to trusted server list:

I have tried to add the Geoserver domain to the trusted sites list with some issues -

  1. Adding the domain eo4c-geoserver.envsys.co.uk  to the trusted list, results in the following error when trying to add a layer to a map 'The WMS service, https://eo4c-geoserver.envsys.co.uk/geoserver/eo4c_data_delivery/wms?version=1.1.0, cannot be added to the map. It is either not available or you have entered an invalid URL for the type of layer you want to reference.'
  2. Adding the http protocol to the domain (http://eo4c-geoserver.envsys.co.uk) in the trusted servers list  seems to work in the sense that I can access and the layer but I am not prompted for a username or password - as this is a secured layer I want to be prompted for credentials. 
  3. If I add the domain with the https protocol (https://eo4c-geoserver.envsys.co.ukit fails to find the resource when attempting to add a layer - the error is once again the same as in point 1 above.

If I don't add the domain to the trusted servers list, I am able to add the layer without any problems and am not prompted for passwords - again undesirable behaviour.

 

Can anyone please explain why the https protocol appears to be a problem, or for that matter why the domain on its own as in point 1 above fails and why I am able to access the resource without being prompted for a username and password as in point 2 above, or why the behaviour is the same whether the domain is in the trusted list or not.

If this is a CORS config issue, does anyone know what the correct CORS config should be (see my CORS config in attached file).

I have tested that this resource is indeed secured using both Qgis and via get requests in the browser, in both cases I am prompted for credentials.

 

Any help would be greatly appreciated.

Attachments

Outcomes