Authentication (Re: Feature polls...)

Sean Gillies sgillies at FRII.COM
Sun Jan 15 12:23:55 EST 2006


mod_rewrite allows us to match and even rewrite the query string.  
This means you could rewrite a request for layer_a to a URL that  
requires authentication.

I think it's madness to reinvent the auth wheel. A CGI program should  
be dumb, and rely on the webserver in this matter.


On Jan 14, 2006, at 6:04 AM, Bart van den Eijnden (OSGIS) wrote:

> Hi Sean,
> for authentication I agree with you, but for authorisation we  
> really need a way to assign certain map layers to users/groups  
> without duplicating map files.
> Best regards,
> Bart
> Sean Gillies wrote:
>> Steve,
>> I don't see any need to implement authentication. Just use an   
>> existing Apache (or if you must, IIS) module. A combination of   
>> mod_auth and mod_rewrite ought to make almost anything possible  
>> or  impossible.
>> Sean
>> On Jan 13, 2006, at 4:38 PM, Steve Lime wrote:
>>> Yes, and simple authentication support should be there too.  
>>> There's  a =
>>> pretty
>>> well thought out bug for that one...
>>> Too little time.
>>> Steve

More information about the mapserver-dev mailing list