[mapguide-users] please clarify user authentication issues
Kenneth Skovhede, GEOGRAF A/S
ks at geograf.dk
Wed Sep 10 03:48:27 EDT 2008
The "sessionId" is known as a "security token".
When you call "CreateSession", you get a token.
Whenever the token is recieved, it is mapped back to the user who
created it.
So, any use of the token, will grant you the same rights as if you passed in
the username/password all the time.
The token value is impossible to guess, and expires after some time.
By using the token instead of a username/password, your end user
gets the same rights as the user, but you have not revealed the username
or password.
There are currently no way to elevate privileges, so if you have an
"Anonymous" user,
you will have to create a new MgSite object, logged in as the administrator.
As you already know the sessionId, you can save stuff into the anonymous
users session.
Unfortunately, the MapGuide API does not have a method that allows you
to save the
runtime map in another session. Doing so will also cause you trouble if
the layers or
featuresources are unavalible to the anonymous user.
If you have no trouble there, you can issue a "CopyResource" command, and
copy the runtime map from the current session to the other session.
Another option is the MaestroAPI, which can save runtime maps into
arbitrary places
(including Library and another session):
http://trac.osgeo.org/mapguide/wiki/maestro
A third option is that you can create a user that has the exact rights
required,
and then use only that user, by issuing a CreateSession before the
solution loads.
Regards, Kenneth Skovhede, GEOGRAF A/S
poy skrev:
> Hi All,
>
> I have a weblayout, the map definition of which is in a map folder with
> permissions to access only by the admistrator user group. I also created a
> Invoke URL command which calls an aspx page in the task pane. In the aspx
> page I am trying to get the list of layers in the map. My code in the aspx
> page is as follows:
>
> //get session id from map request
> string sessionId = Request.Form["SESSION"];
> string mapName = Request.Form["MAPNAME"];
>
>
> //initialize web tier
> myclass util = new myclass();
> util.initialiseWebTier();
>
> //set credentials
> MgUserInformation userInfo = new
> MgUserInformation(sessionId);
>
> //connect to the site and get a feature service and a
> resource service instances
> MgSiteConnection site = new MgSiteConnection();
> site.Open(userInfo);
>
> MgFeatureService featService =
> site.CreateService(MgServiceType.FeatureService) as MgFeatureService;
> MgResourceService resService =
> site.CreateService(MgServiceType.ResourceService) as MgResourceService;
>
>
>
> //Create a temporary map runtime object
> MgMap map = new MgMap();
> map.Open(resService, mapName); //fails in this line
>
> //get layers of the map
> MgLayerCollection layers = map.GetLayers();
> //layers count
> int layerCount = layers.GetCount();
>
> //first clear befor loading items
> ddlLayer.Items.Clear();
>
> for (int i = 0; i < layerCount; i++)
> {
> //add layer names to the layers drop down
> ddlLayer.Items.Add(layers[i].GetName());
> }
>
> This code works ok for all the maps where there is no restriction on the
> user group accessing the mapdefinition. But gives a resource not found (map
> definition resource) error for maps which have access permissions set for a
> particular group. When the web layout prompts for username and password, I
> give the administrator user name and password which has access rights to the
> particular map definition, but still I get a resource not found error. What
> am I missing in the code? Please help me to sort this.
>
> Thanks all.
> poy
>
>
>
>
More information about the mapguide-users
mailing list