Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GN5 / Security configuration #8559

Merged
merged 1 commit into from
Dec 24, 2024
Merged

GN5 / Security configuration #8559

merged 1 commit into from
Dec 24, 2024

Conversation

fxprunayre
Copy link
Member

Security configuration for GeoNetwork 4 deployed behing GeoNetwork 5 prototype using simple mode (ie. GN4 MUST not be exposed to intranet and internet).

Authentication is managed by version 5 which check user credentials and create user in the database if needed. Then a JWT token is added to a header that version 4 checks.

Related to:

To enable the configuration, use:

mvn jetty:run -Dgeonetwork.security.type=gn5

Checklist

  • I have read the contribution guidelines
  • Pull request provided for main branch, backports managed with label
  • Good housekeeping of code, cleaning up comments, tests, and documentation
  • Clean commit history broken into understandable chucks, avoiding big commits with hundreds of files, cautious of reformatting and whitespace changes
  • Clean commit messages, longer verbose messages are encouraged
  • API Changes are identified in commit messages
  • Testing provided for features or enhancements using automatic tests
  • User documentation provided for new features or enhancements in manual
  • Build documentation provided for development instructions in README.md files
  • Library management using pom.xml dependency management. Update build documentation with intended library use and library tutorials or documentation

@fxprunayre
GN5 / Security configuration
5fea3bc 
Security configuration for GeoNetwork 4 deployed behing GeoNetwork 5
prototype using simple mode (ie. GN4 MUST not be exposed to intranet and
internet).

Authentication is managed by version 5 which check user credentials and
create user in the database if needed. Then a JWT token is added to a
header that version 4 checks.

Related to:
* JWT headers support #7899
* GeoNetwork 5 auth geonetwork/geonetwork#77

To enable the configuration, use:

```sh
mvn jetty:run -Dgeonetwork.security.type=gn5
```
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

fxprunayre added a commit to davidblasby/geonetwork that referenced this pull request Dec 12, 2024
@fxprunayre
Gateway / GN4 route / Enable security by default.
414ccb1 
Will work fine with geonetwork/core-geonetwork#8559
fxprunayre added a commit to geonetwork/geonetwork that referenced this pull request Dec 16, 2024
@fxprunayre
Gateway / GN4 route / Enable security by default.
ee01ab0 
Will work fine with geonetwork/core-geonetwork#8559
@fxprunayre fxprunayre added this to the 4.4.7 milestone Dec 19, 2024
@fxprunayre fxprunayre marked this pull request as ready for review December 19, 2024 15:22
@fxprunayre fxprunayre requested a review from josegar74 December 20, 2024 14:10
@fxprunayre fxprunayre mentioned this pull request Dec 20, 2024
Open
12 tasks
josegar74
josegar74 approved these changes Dec 20, 2024
View reviewed changes
Copy link
Member

@josegar74 josegar74 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested with GN 5 and works as expected, when a user login in GN 5, automatically is logged in GN 4

@fxprunayre fxprunayre merged commit 490e6b9 into main Dec 24, 2024
11 checks passed
@fxprunayre fxprunayre deleted the 5-securityconfig branch December 24, 2024 11:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@josegar74 josegar74 josegar74 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
4.4.7
Development

Successfully merging this pull request may close these issues.
2 participants
@fxprunayre @josegar74