<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-15">
<META content="MSHTML 6.00.2900.3243" name=GENERATOR></HEAD>
<BODY>
<DIV>I have made copies of mapserv.exe in my cgi-bin to other names such as gsswms.exe. I then have a line at the bottom of httpd.conf:</DIV>
<DIV> </DIV>
<DIV>SetEnvIf Request_URI "/cgi-bin/gsswms.exe?" MS_MAPFILE=/ms4w/apps/service/nztm.map</DIV>
<DIV> </DIV>
<DIV>So I then use a layer definition for OL such as :</DIV>
<DIV> </DIV>
<DIV>var topowms = new OpenLayers.Layer.WMS( "Topos",<BR> "<A href="http://10.64.20.120/cgi-bin/gsswms.exe">http://10.64.20.120/cgi-bin/gsswms.exe</A>?",<BR> {layers: ['nzislands','nznoaa','nz1mtm','nz250ktm','ci250k','nz50ktm','ci50kcitm'], transparent: 'true',format: "image/png"},<BR> {singleTile: true, isBaseLayer: false, minResolution: 2000, visibility: false} );</DIV>
<DIV> </DIV>
<DIV>regards,</DIV>
<DIV> </DIV>
<DIV>Robert Sanson<BR><BR>>>> <Steve.Toutant@inspq.qc.ca> 15/10/2009 2:53 a.m. >>><BR><BR><FONT face=sans-serif size=2>Thanks all for your help,</FONT> <BR><FONT face=sans-serif size=2>I'll have in a near future to implement a fully secured private site since I'm gonna have to publish VERY sensible data via WMS. I can tell that this issue scares the IT group. Story to follow...</FONT> <BR><FONT face=sans-serif size=2>But for now, obscurity is sufficient.</FONT> <BR><BR><FONT face=sans-serif size=2>I'm a bit in obscurity myself regardin http_referer...I need to know more about the mechanic...</FONT> <BR><FONT face=sans-serif size=2>It's not clear what I should do in the mapfile and in my OpenLayers code?</FONT> <BR><BR><FONT face=sans-serif size=2>I added Daniel's code in Apache conf.</FONT> <BR><BR><FONT face=sans-serif size=2>"</FONT><TT><FONT size=2>Then your WMS requests should refer to the mapfile using "map=MYMAP" <BR>instead of a full path. If the referrer is not valid, then MYMAP will <BR>not be set and MapServer will spit out an error."<BR></FONT></TT><BR><TT><FONT size=2>Do I need to use the MYMAP environment variabble in the mapfile or in OL code, or both?</FONT></TT> <BR><BR><FONT face=sans-serif size=2>I'm using OpenLayers to create a WMS layer with new OpenLayers.Layer.WMS(name, url, params, options);</FONT> <BR><FONT face=sans-serif size=2>Instead of the path of the mapfile should I use MYMAP (Environment variable MYMAP defined in the conf of Apache). If so, Is there some magic there to get the environment variable value? Should I get it with some php code?</FONT> <BR><BR><FONT face=sans-serif size=2>Thanks</FONT> <BR><FONT face=sans-serif size=2>Steve</FONT> <BR><BR><BR><FONT face=sans-serif size=2><BR></FONT><BR><BR><BR></DIV>
<TABLE width="100%">
<TBODY>
<TR vAlign=top>
<TD width="40%"><FONT face=sans-serif size=1><B>Daniel Morissette <dmorissette@mapgears.com>@openlayers.org</B> </FONT><BR><FONT face=sans-serif size=1>Envoyé par : users-bounces@openlayers.org</FONT>
<P><FONT face=sans-serif size=1>13/10/2009 02:56 PM</FONT> </P>
<TD width="59%">
<TABLE width="100%">
<TBODY>
<TR vAlign=top>
<TD>
<DIV align=right><FONT face=sans-serif size=1>A</FONT></DIV>
<TD><FONT face=sans-serif size=1>users@openlayers.org</FONT>
<TR vAlign=top>
<TD>
<DIV align=right><FONT face=sans-serif size=1>cc</FONT></DIV>
<TD>
<TR vAlign=top>
<TD>
<DIV align=right><FONT face=sans-serif size=1>Objet</FONT></DIV>
<TD><FONT face=sans-serif size=1>Re: [OpenLayers-Users] Control access to WMS</FONT></TR></TBODY></TABLE><BR>
<TABLE>
<TBODY>
<TR vAlign=top>
<TD>
<TD></TR></TBODY></TABLE><BR></TR></TBODY></TABLE><BR><BR><BR><BR><BR><TT><FONT size=2>Christopher Schmidt wrote:<BR>> <BR>> If you care about people 'stumbling in', this would be sufficient. If you<BR>> actually want to ensure people can't use the data outside of your app,<BR>> it's not.<BR>> <BR>[...]<BR>> <BR>> Yeah, something like that is what I would probably do if I wanted something<BR>> taht was obscurity and not security. :)<BR>> <BR><BR>I agree (and I never used the word security). But this may be sufficient <BR>in some simple cases. :)<BR><BR>And for a more complete Access Control solution, everyone is invited to <BR>a presentation of the new GeoPrisma project in a conference near you:<BR><BR>FOSS4G 2009 (Sydney, 2009-10-23):<BR> http://2009.foss4g.org/presentations/#presentation_146<BR><BR>Géomatique 2009 (Montréal, 2009-10-21):<BR> http://www.geomatique2009.com/en/papers/program<BR><BR>Daniel<BR>-- <BR>Daniel Morissette<BR>http://www.mapgears.com/<BR>_______________________________________________<BR>Users mailing list<BR>Users@openlayers.org<BR>http://openlayers.org/mailman/listinfo/users<BR></FONT></TT><BR><BR><BR><BR><BR><FONT style="BACKGROUND-COLOR: #ffffff">
<P align=center><FONT style="BACKGROUND-COLOR: #ffffff">Click <A href="https://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg==">here</A> to report this email as spam.</FONT></P></FONT><br><br><table bgcolor=white style="color:black"><tr><td><br>------------------------------------------------------------------<br>
The contents of this email are confidential to AsureQuality. If you have received this communication in error please notify the sender immediately and delete the message and any attachments. The opinions expressed in this email are not necessarily those of AsureQuality. This message has been scanned for known viruses before delivery. AsureQuality supports the Unsolicited Electronic Messages Act 2007. If you do not wish to receive similar communications in future, please notify the sender of this message.<br>
------------------------------------------------------------------</td></tr></table><br><br>
<P align=center><FONT style="BACKGROUND-COLOR: #ffffff">This message has been scanned for malware by SurfControl plc. </FONT><A href="http://www.surfcontrol.com/"><FONT style="BACKGROUND-COLOR: #ffffff" color=#000000>www.surfcontrol.com</FONT></A></P>
</body></HTML>