[mapguide-users] newbie question about security

Kenneth, GEOGRAF A/S ks at geograf.dk
Thu Nov 8 03:23:08 EST 2007 

Once the user is authenticated and the session is created, the server 
will not ask for credentials again.
You can of course provide your own login box. You can then call the 
CreateSession to test if the credentials are valid.
You cannot change the identity of the current session.

This means that you can create a new session with the new credentials.
With this session, you can download the layerdefintion and featuresource.
You can then store it in the other session's temporary repository, and 
insert it into the runtime map.

This is not a simple solution, but it works. It requires some manual coding.

Regards, Kenneth, GEOGRAF A/S



dorra2007 skrev:
> All users acess the same map (and layout), but the difference between users
> consists in the temporary layers loaded, according to his parameters stored
> in a database.
> So, I am wondering if there is a mapguide security API that manages users in
> this way, or a security and login code ready for use.I'll be very grateful
> if you provide me with this code.
> My problem is that users are not prompted for a login and password, while
> they have also access denied.
>
>
> James Card wrote:
>   
>> On Tue, 06 Nov 2007 03:38:30 -0800, dorra2007 <dorrdor at yahoo.fr> wrote:
>>
>>     
>>> I wish to know how to assign a user account to a layer (or layer  
>>> definition), so that when he wish access this layer, he will be promted  
>>> for a user name and password.
>>>       
>> The workaround we used for this was to assign security at the map level  
>> rather than the layer level. We created a separate map for each security  
>> group that included only the layers appropriate to that group. We also  
>> created one layout for each of these maps, so it was easy for the security  
>> and login code already in place on the webserver to just load the  
>> appropriate layout after the user was authenticated.
>>
>> Since we only had four secuirty groups this was a simple solution. If the  
>> were many different combinations of layer permissions required it would be  
>> too cumbersome to maintain a separate map and layout for each.
>>
>> -- 
>> James Card
>> 209-578-5580
>> _______________________________________________
>> mapguide-users mailing list
>> mapguide-users at lists.osgeo.org
>> http://lists.osgeo.org/mailman/listinfo/mapguide-users
>>
>>
>>     
>
>   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.osgeo.org/pipermail/mapguide-users/attachments/20071108/b4de386a/attachment.html

More information about the mapguide-users mailing list