Authentication (Re: Feature polls...)
Attila Csipa
plists at PROMETHEUS.ORG.YU
Fri Jan 20 10:21:42 EST 2006
On Friday 20 January 2006 16:04, José Luis Campanello wrote:
> My opinion on this subject (both authentication and authorization) is very
> different.
> I'm certain that there are many users out there not using apache (for
> example: MS IIS).
> I think this road will end up with a product that supports security in one
> platform and does not supports it for the others. Even more, security will
> be supported in a "general" way because it is defined by people with other,
> more general, goals in mind.
I believe the original post was not talking about having apache authentication
handling in mapserver, but rather some midleware, that has an authentication
framework on one side (through apache, IIS, a custom script, doesn't matter)
and an interface to Mapserver on the other side. This way it is much easier
to add any authentication scheme than it would be to adapt a built-in
mapserver authentication to a particular purpose, so from my point of view,
your suggestion is actually working against your goal - a general way for
authentication. You do not want a Yet Another User/Pass syndrome. If you have
experience with unices, think PAM. Or say squid, courier or any other
software that allows pluggable authentication. And, as clarification, this
_does not_ mean that Mapserver cannot have standalone or 'own' authentication
- it's just that it would be a module that does not require any external
software.
More information about the mapserver-dev
mailing list