Bug report #9026
Updated by Giovanni Manghi over 5 years ago
This server has some open-for-all WFS layers and some which need authentication
http://tampere.navici.com/tampere_wfs_geoserver/tampere_ora/ows?
For example this is free: TYPENAME=tampere_ora:KH_TILASTO
but this is secured: TYPENAME=tampere_ora:ONK_NMR_MVIEW
QGIS has no troubles as long as I am reading just the free layers. Discussion between client and server goes without authentication and both are happy. Trouble begins is I try to read a secured layer. The server sends back "HTTP/1.1 401 Unauthorized" and asks to give credentials. I do not have those and therefore I just ask QGIS to cancel this operation.
The trouble is that after cancelling the trial to read the secured layer QGIS cannot any more get data from the free feature types. This seems to come from that after the cancelled operation QGIS is adding the Authorization header "Authorization: Basic Og==" to the requests and the server is rejecting all of them. Below is an example about how the discussion goes:
GET http://tampere.navici.com/tampere_wfs_geoserver/tampere_ora/ows?SERVICE=WFS&REQUEST=GetCapabilities&VERSION=1.0.0 HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
Accept-Language: fi-FI,en,*
User-Agent: Mozilla/5.0
Host: tampere.navici.com
Authorization: Basic Og==
HTTP/1.1 401 Unauthorized
Date: Thu, 07 Nov 2013 05:19:52 GMT
Set-Cookie: SPRING_SECURITY_REMEMBER_ME_COOKIE=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/tampere_wfs_geoserver
WWW-Authenticate: Basic realm="GeoServer Realm"
Content-Type: text/html;charset=utf-8
Vary: Accept-Encoding
Content-Length: 1299
Keep-Alive: timeout=15, max=96
Connection: Keep-Alive
In an attachment there are all the requests and answers from such a case, I only removed the long XML data contents from GetCapabilities and successfull GetFeature.
http://tampere.navici.com/tampere_wfs_geoserver/tampere_ora/ows?
For example this is free: TYPENAME=tampere_ora:KH_TILASTO
but this is secured: TYPENAME=tampere_ora:ONK_NMR_MVIEW
QGIS has no troubles as long as I am reading just the free layers. Discussion between client and server goes without authentication and both are happy. Trouble begins is I try to read a secured layer. The server sends back "HTTP/1.1 401 Unauthorized" and asks to give credentials. I do not have those and therefore I just ask QGIS to cancel this operation.
The trouble is that after cancelling the trial to read the secured layer QGIS cannot any more get data from the free feature types. This seems to come from that after the cancelled operation QGIS is adding the Authorization header "Authorization: Basic Og==" to the requests and the server is rejecting all of them. Below is an example about how the discussion goes:
GET http://tampere.navici.com/tampere_wfs_geoserver/tampere_ora/ows?SERVICE=WFS&REQUEST=GetCapabilities&VERSION=1.0.0 HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
Accept-Language: fi-FI,en,*
User-Agent: Mozilla/5.0
Host: tampere.navici.com
Authorization: Basic Og==
HTTP/1.1 401 Unauthorized
Date: Thu, 07 Nov 2013 05:19:52 GMT
Set-Cookie: SPRING_SECURITY_REMEMBER_ME_COOKIE=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/tampere_wfs_geoserver
WWW-Authenticate: Basic realm="GeoServer Realm"
Content-Type: text/html;charset=utf-8
Vary: Accept-Encoding
Content-Length: 1299
Keep-Alive: timeout=15, max=96
Connection: Keep-Alive
In an attachment there are all the requests and answers from such a case, I only removed the long XML data contents from GetCapabilities and successfull GetFeature.