<br><font size=2 face="sans-serif">Thanks all for your help,</font>
<br><font size=2 face="sans-serif">I'll have in a near future to implement
a fully secured private site since I'm gonna have to publish VERY sensible
data via WMS. I can tell that this issue scares the IT group. Story to
follow...</font>
<br><font size=2 face="sans-serif">But for now, obscurity is sufficient.</font>
<br>
<br><font size=2 face="sans-serif">I'm a bit in obscurity myself regardin
http_referer...I need to know more about the mechanic...</font>
<br><font size=2 face="sans-serif">It's not clear what I should do in the
mapfile and in my OpenLayers code?</font>
<br>
<br><font size=2 face="sans-serif">I added Daniel's code in Apache conf.</font>
<br>
<br><font size=2 face="sans-serif">"</font><tt><font size=2>Then your
WMS requests should refer to the mapfile using "map=MYMAP" <br>
instead of a full path. If the referrer is not valid, then MYMAP will <br>
not be set and MapServer will spit out an error."<br>
</font></tt>
<br><tt><font size=2>Do I need to use the MYMAP environment variabble in
the mapfile or in OL code, or both?</font></tt>
<br>
<br><font size=2 face="sans-serif">I'm using OpenLayers to create a WMS
layer with new OpenLayers.Layer.WMS(name, url, params, options);</font>
<br><font size=2 face="sans-serif">Instead of the path of the mapfile should
I use MYMAP (Environment variable MYMAP defined in the conf of Apache).
If so, Is there some magic there to get the environment variable value?
Should I get it with some php code?</font>
<br>
<br><font size=2 face="sans-serif">Thanks</font>
<br><font size=2 face="sans-serif">Steve</font>
<br>
<br>
<br><font size=2 face="sans-serif"><br>
</font>
<br>
<br>
<br>
<table width=100%>
<tr valign=top>
<td width=40%><font size=1 face="sans-serif"><b>Daniel Morissette <dmorissette@mapgears.com>@openlayers.org</b>
</font>
<br><font size=1 face="sans-serif">Envoyé par : users-bounces@openlayers.org</font>
<p><font size=1 face="sans-serif">13/10/2009 02:56 PM</font>
<td width=59%>
<table width=100%>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">A</font></div>
<td><font size=1 face="sans-serif">users@openlayers.org</font>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">cc</font></div>
<td>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">Objet</font></div>
<td><font size=1 face="sans-serif">Re: [OpenLayers-Users] Control access
to WMS</font></table>
<br>
<table>
<tr valign=top>
<td>
<td></table>
<br></table>
<br>
<br>
<br>
<br>
<br><tt><font size=2>Christopher Schmidt wrote:<br>
> <br>
> If you care about people 'stumbling in', this would be sufficient.
If you<br>
> actually want to ensure people can't use the data outside of your
app,<br>
> it's not.<br>
> <br>
[...]<br>
> <br>
> Yeah, something like that is what I would probably do if I wanted
something<br>
> taht was obscurity and not security. :)<br>
> <br>
<br>
I agree (and I never used the word security). But this may be sufficient
<br>
in some simple cases. :)<br>
<br>
And for a more complete Access Control solution, everyone is invited to
<br>
a presentation of the new GeoPrisma project in a conference near you:<br>
<br>
FOSS4G 2009 (Sydney, 2009-10-23):<br>
http://2009.foss4g.org/presentations/#presentation_146<br>
<br>
Géomatique 2009 (Montréal, 2009-10-21):<br>
http://www.geomatique2009.com/en/papers/program<br>
<br>
Daniel<br>
-- <br>
Daniel Morissette<br>
http://www.mapgears.com/<br>
_______________________________________________<br>
Users mailing list<br>
Users@openlayers.org<br>
http://openlayers.org/mailman/listinfo/users<br>
</font></tt>
<br>
<br>
<br>