Hi,
For simple needs you can configure Apache to use http basic authentication and
make it to require https.
http://httpd.apache.org/docs/2.0/howto/auth.html
Setting basic authentication is simple but it does not give any real security
without configuring Apache to use https instead of http. But anyway, Mapserver
project does not give you tools for access control. Consider if https + basic
authentication is enough for you. It may be if you do not need user roles and
all it should do is either to give or deny access to Mapserver. Most simple way
to do this is to put the cgi-bin directory behind passwords somehow like
<Location "/cgi-bin">
Options None
Order allow,deny
Allow from all
AuthType Basic
AuthName "Please log in"
# (Following line optional)
AuthBasicProvider file
AuthUserFile "c:/ms4w/apache/passwd/passwords"
Require user user1 user2 user3
</Location>
As a result only user1, user2 and user3 can reach cgi-bin if they give correct
password.
-Jukka Rahkonen-
Richard Suematsu
> I don't think MapServer does this itself. We've done this by
> proxying MapServer behind tomcat and using a servlet filter
> to validate the user.
>
> Rich
>
> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]] On Behalf Of
> Alberto Najera
> Sent: Monday, May 28, 2012 2:35 AM
> To: [email protected]
> Subject: [mapserver-users] Restricted WMS access
>
> Hello,
>
> Is it possible to have a restricted (user id and password
> required) WMS service through Mapserver? If so, how can this
> be done? I have searched the documentation but had not been
> able to find if this is possible.
>
> Thank you
>
> Alberto Najera
>
>
> _______________________________________________
> mapserver-users mailing list
> [email protected]
> http://lists.osgeo.org/mailman/listinfo/mapserver-users
>
>
>
> Confidentiality Notice: This e-mail message, including any
> attachments, is for the sole use of the
> intended recipient(s) and may contain confidential and
> privileged information. Unauthorized
> review, use, disclosure or distribution is prohibited. If you
> are not the addressee indicated in this
> message kindly notify the sender by reply e-mail and destroy
> all copies of the original message.
>
> _______________________________________________
> mapserver-users mailing list
> [email protected]
> http://lists.osgeo.org/mailman/listinfo/mapserver-users
>
_______________________________________________
mapserver-users mailing list
[email protected]
http://lists.osgeo.org/mailman/listinfo/mapserver-users
