GEOSERVER admin password seems not be updated

randomorder commented 2 years ago

Internal clone issue for the sibling in the official GeoNode fork https://github.com/GeoNode/geonode-project/issues/209

I'll summarize here our findings and the way forward

In geonode-project we have two envionment variables in the .env that defint the username and password of the administrator user in GeoServer. There is a logic in geonode that should allow the user to override the geoserver administrator password based on the value of GEOSERVER_ADMIN_PASSWORD in the .env file but apparently is not working as expected.

What we observe is that it only works in a very specific use case, i.e. the current password is set to the default geoserver and has not been changed yet. If the current password is anything but geoserver the REST request sent to geoserver to change the password does not work (all REST calls to geoserver require authentication).

Our current understanding is that this logic (implemented in entrypoint -> geoserverfixture -> _geoserver_info_provision) is concaptually wrong because is trying to set the new password based on the content of the .env file but in order to do that it needs to know what the old password is and that is not tracked in the .env file

The goal of this task it to validate the above and create a PR to remove the fixture which is conceptually wrong

jkariscodes commented 2 years ago

I tried the removal of the geoserverfixture and its invocation as suggested and then recreated containers with new custom geoserver password the GeoServer still does not pick up the password from .env variable and still uses geoserver as the default password. I am further investigating a workaround to this.

randomorder commented 2 years ago

Hi @jkariukidev

...still does not pick up the password from .env variable...

That is expected.

Have you locally validated our idea that (prior to the fixtire removal) the password was only changed the very first time and not from then onwards?

If so you can send a merge request to remove the fixture

jkariscodes commented 2 years ago

I have locally validated the idea. Pull request is here

giohappy commented 2 years ago

@jkariukidev regarding the PRs, please follow the checks inside the template that is presented when you create a new PR. Main points:

an issue must exist and must be connected to the PR:
- write "ref #xxxx" inside the description
- connect the issue through Zenhub (I will tell you more later)
- the title must be in the form "[Fixes #xxxx] " </li> <li>when the PR is ready for a review assign it to someone in the time. For the moment you can assign it to me (<code>giohappy</code>) or Alessandro (<code>randomorder</code>)</li> </ul></li> </ul> <p>Please do the above steps, thanks.</p> </div> </div> <div class="page-bar-simple"> </div> <div class="footer"> <ul class="body"> <li>© <script> document.write(new Date().getFullYear()) </script> Githubissues.</li> <li>Githubissues is a development platform for aggregating issues.</li> </ul> </div> <script src="https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js"></script> <script src="/githubissues/assets/js.js"></script> <script src="/githubissues/assets/markdown.js"></script> <script src="https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.4.0/build/highlight.min.js"></script> <script src="https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.4.0/build/languages/go.min.js"></script> <script> hljs.highlightAll(); </script> </body> </html>

geosolutions-it / geonode-project

GEOSERVER admin password seems not be updated #39