Authentication (Re: Feature polls...)

Attila Csipa plists at PROMETHEUS.ORG.YU
Fri Jan 20 10:21:42 EST 2006

On Friday 20 January 2006 16:04, José Luis Campanello wrote:
> My opinion on this subject (both authentication and authorization) is very
> different.
> I'm certain that there are many users out there not using apache (for
> example: MS IIS).
> I think this road will end up with a product that supports security in one
> platform and does not supports it for the others. Even more, security will
> be supported in a "general" way because it is defined by people with other,
> more general, goals in mind.

I believe the original post was not talking about having apache authentication 
handling in mapserver, but rather some midleware, that has an authentication 
framework on one side (through apache, IIS, a custom script, doesn't matter) 
and an interface to Mapserver on the other side. This way it is much easier 
to add any authentication scheme than it would be to adapt a built-in 
mapserver authentication to a particular purpose, so from my point of view, 
your suggestion is actually working against your goal - a general way for 
authentication. You do not want a Yet Another User/Pass syndrome. If you have 
experience with unices, think PAM. Or say squid, courier or any other 
software that allows pluggable authentication. And, as clarification, this 
_does not_ mean that Mapserver cannot have standalone or 'own' authentication 
- it's just that it would be a module that does not require any external 

More information about the mapserver-dev mailing list