We addressed your idea at yesterday's IRC meeting. We decided to discuss
it in more detail at next week's meeting, when we have had time to prepare.
Thanks for your input
Christoph
Armin Retterath schrieb:
hello,
we plan to extent mapbenders owsproxy function to support http_digest
authentication (http://www.ietf.org/rfc/rfc2617.txt) too. with this
possibility and the use of https we can make a relativ secure connection
between different mapbender installations or between mapbender and clients
who support the http_digest authentication. we think, it will be easy to
extent clients to support the http_digest. one critical performance problem
will be, that mapbender must control the authorization at every getmap,
getfeatureinfo, getlegendgraphics and getcap request. this maybe solved by
caching the authorization info in an indexed version (lucene or textfile).
for supporting the http_digest, we have to store the digest (md5
('username:realm:password')) in the mb_user table. this hash must be updated
every time the username or the password changes (cannot be done by db
trigger, cause the password is stored as md5 hash in the mb_user table).
for the mapbender http_digest client side the wms table has to be extented for
username and digest columns. when someone upload a http_digest secured wms he
has to give a username and a password which will be used to create the
secured connection to this service (by the use of curl). the viewing of such
a service can only be done by using the mapbender owsproxy.
this is the idea and should be realized until end of september.
any ideas or suggestions to this are welcome. please send them to the
dev-list.
regards
armin
--
----------------------------------
Aufwind durch Wissen!
Qualifizierte OpenSource-Schulungen
bei der www.foss-academy.eu
----------------------------------
_______________________________________
W h e r e G r o u p GmbH & Co. KG
Siemensstraße 8
53121 Bonn
Germany
Christoph Baudson
Anwendungsentwickler
Fon: +49 (0)228 / 90 90 38 - 15
Fax: +49 (0)228 / 90 90 38 - 11
[email protected]
www.wheregroup.com
Amtsgericht Bonn, HRA 6788
_______________________________________
Komplementärin:
WhereGroup Verwaltungs GmbH
vertreten durch:
Olaf Knopp, Peter Stamm
_______________________________________
_______________________________________________
Mapbender_dev mailing list
[email protected]
http://lists.osgeo.org/mailman/listinfo/mapbender_dev
