Re: [mapserver-users] Spatial access restriction based on secret in URL, WMS Getcapabilities
If I go with environment variables and 1), how do I get SECRET_CODE into the URLs in the GetCapabilities document ? I'm assuming I need to modify wms_onlineresource ? It would be really cool if .map files automatically substituted $variables in general, beyond what [1] covers. -Arne 1: https://trac.osgeo.org/mapserver/wiki/EnvironmentVariables On 10/01/15 13:30 , Dan Little wrote: I'd probably do something with a script and some URL rewriting. For example, a URL like... - http://myserver.whee/path/SECRET_CODE/mapserv?[WMS parameters] Then do the following: 1. Low-buck: Use apache rewrite rules to set an environment variable. Then use the environment variable for my substitutions. 2. Using WSGI (I'm a python kind of guy): Parse the URL to get the secret to do the limiting. Really this kind of stuff is always application specific, and you are ultimately the person who needs to maintain it, so stick to what you'll be able to understand 6-months after you've implemented it. :-) On Sat, Jan 10, 2015 at 5:41 AM, Arne Kepp a...@tiledmarble.org wrote: Hi, I would like to restrict different users to different geographic regions based on a secret in the URL they are using to access MapServer. I intend to use an inner join on a table with secrets / polygons, and then use the run-time substitution in MapServer to insert the sanitized secret into the Postgis query. The crux, I think, is that I have to send WMS 1.3.0 GetCapabilities URLs to our users. And I don't think I can make the getcapabilties document include the (variable) secret in the OnlineResource elements ? So I am thinking about writing a wrapper that rewrites the GetCapabilities document on the fly. My question is, is there a better way that I have not thought of? Kind regards, Arne ___ mapserver-users mailing list mapserver-users@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/mapserver-users ___ mapserver-users mailing list mapserver-users@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/mapserver-users
Re: [mapserver-users] Spatial access restriction based on secret in URL, WMS Getcapabilities
If you launder everything through a script (in any of your favorite languages) you can capture the output stream before you send it back to the user. When my Mapserver-fu runs out I tend to go with scripting. On Sat, Jan 10, 2015 at 6:55 AM, Arne Kepp a...@tiledmarble.org wrote: If I go with environment variables and 1), how do I get SECRET_CODE into the URLs in the GetCapabilities document ? I'm assuming I need to modify wms_onlineresource ? It would be really cool if .map files automatically substituted $variables in general, beyond what [1] covers. -Arne 1: https://trac.osgeo.org/mapserver/wiki/EnvironmentVariables On 10/01/15 13:30 , Dan Little wrote: I'd probably do something with a script and some URL rewriting. For example, a URL like... - http://myserver.whee/path/SECRET_CODE/mapserv?[WMS parameters] Then do the following: 1. Low-buck: Use apache rewrite rules to set an environment variable. Then use the environment variable for my substitutions. 2. Using WSGI (I'm a python kind of guy): Parse the URL to get the secret to do the limiting. Really this kind of stuff is always application specific, and you are ultimately the person who needs to maintain it, so stick to what you'll be able to understand 6-months after you've implemented it. :-) On Sat, Jan 10, 2015 at 5:41 AM, Arne Kepp a...@tiledmarble.org wrote: Hi, I would like to restrict different users to different geographic regions based on a secret in the URL they are using to access MapServer. I intend to use an inner join on a table with secrets / polygons, and then use the run-time substitution in MapServer to insert the sanitized secret into the Postgis query. The crux, I think, is that I have to send WMS 1.3.0 GetCapabilities URLs to our users. And I don't think I can make the getcapabilties document include the (variable) secret in the OnlineResource elements ? So I am thinking about writing a wrapper that rewrites the GetCapabilities document on the fly. My question is, is there a better way that I have not thought of? Kind regards, Arne ___ mapserver-users mailing list mapserver-users@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/mapserver-users ___ mapserver-users mailing list mapserver-users@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/mapserver-users
[mapserver-users] Spatial access restriction based on secret in URL, WMS Getcapabilities
Hi, I would like to restrict different users to different geographic regions based on a secret in the URL they are using to access MapServer. I intend to use an inner join on a table with secrets / polygons, and then use the run-time substitution in MapServer to insert the sanitized secret into the Postgis query. The crux, I think, is that I have to send WMS 1.3.0 GetCapabilities URLs to our users. And I don't think I can make the getcapabilties document include the (variable) secret in the OnlineResource elements ? So I am thinking about writing a wrapper that rewrites the GetCapabilities document on the fly. My question is, is there a better way that I have not thought of? Kind regards, Arne ___ mapserver-users mailing list mapserver-users@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/mapserver-users
Re: [mapserver-users] Spatial access restriction based on secret in URL, WMS Getcapabilities
I'd probably do something with a script and some URL rewriting. For example, a URL like... - http://myserver.whee/path/SECRET_CODE/mapserv?[WMS parameters] Then do the following: 1. Low-buck: Use apache rewrite rules to set an environment variable. Then use the environment variable for my substitutions. 2. Using WSGI (I'm a python kind of guy): Parse the URL to get the secret to do the limiting. Really this kind of stuff is always application specific, and you are ultimately the person who needs to maintain it, so stick to what you'll be able to understand 6-months after you've implemented it. :-) On Sat, Jan 10, 2015 at 5:41 AM, Arne Kepp a...@tiledmarble.org wrote: Hi, I would like to restrict different users to different geographic regions based on a secret in the URL they are using to access MapServer. I intend to use an inner join on a table with secrets / polygons, and then use the run-time substitution in MapServer to insert the sanitized secret into the Postgis query. The crux, I think, is that I have to send WMS 1.3.0 GetCapabilities URLs to our users. And I don't think I can make the getcapabilties document include the (variable) secret in the OnlineResource elements ? So I am thinking about writing a wrapper that rewrites the GetCapabilities document on the fly. My question is, is there a better way that I have not thought of? Kind regards, Arne ___ mapserver-users mailing list mapserver-users@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/mapserver-users ___ mapserver-users mailing list mapserver-users@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/mapserver-users
