We do some stuff with Apache re-write rules for specially named files. Only certain naming conventions can be seen on the outside. This leaves the permissions aspects up the data owners to administer.
Bobb >> -----Original Message----- >> From: [email protected] [mailto:mapserver- >> [email protected]] On Behalf Of Mark Volz >> Sent: Tuesday, February 19, 2013 9:45 AM >> To: [email protected] >> Subject: [mapserver-users] MapServer .map file security question >> >> Hi, >> >> I have a server that I would like to run both internal and >> external applications on it. I know I can use apache to limit >> who can access internal web pages. However, is there any >> mechanism to stop an external user from drawing an internal >> actual .map file? For example, what would stop someone from >> changing the requested map from: http://myserver/cgi- >> bin/mapserv.exe?map=External.map. To: http://myserver/cgi- >> bin/mapserv.exe?map=Internal.map. >> >> I could see this as an issue if I want to enable wms. >> >> Thanks >> >> Mark Volz >> GIS Specialist >> >> >> _______________________________________________ >> mapserver-users mailing list >> [email protected] >> http://lists.osgeo.org/mailman/listinfo/mapserver-users _______________________________________________ mapserver-users mailing list [email protected] http://lists.osgeo.org/mailman/listinfo/mapserver-users
