[mapserver-dev] Call for comments - RFC 42 HTTP Cookie Forwarding
Julien-Samuel Lacroix
jlacroix at mapgears.com
Thu Mar 27 17:16:37 EDT 2008
Hi,
There have been some discussion about this on IRC. I'll try to summarise
what have been said. Please correct me if I forget something or if I'm
wrong.
Please also add your own comment.
- Cookie passing should be done by the webserver, but since we connect
directly to a WMS server we have to handle it in MapServer.
- There's no mention of encoding in the RFC. I should add a mention to
warn MapScript users that they should encode their end-of-line and
double-quote characters to make sure they don't screw up their mapfile
when saving it on disc. For a CGI request, it shouldn't be a problem
since we don't save the file after we set the cookie. Is that enough?
- Putting processing values in a metadata (http_cookie_data) may be
going to far. The other alternative would be to add a mapfile
configuration parameter called HTTPCOOKIE that would be used to store
the cookie data. I would like to hear from others on that specific point?
Julien
Julien-Samuel Lacroix wrote:
> Hi,
>
> We had a request to add HTTP Cookie forwarding support in MapServer for
> WMS/WFS layers. This would allow us to support Cookie base
> authentication that are present in certain WMS/WFS server environment.
>
> These are simple and non-disruptive changes. Note that MapServer already
> read the HTTP Cookie and store them in the cgiRequestObj like they were
> GET or POST parameters.
>
> Can you please take a look at:
>
> http://mapserver.gis.umn.edu/development/rfc/ms-rfc-42
>
> Julien
>
--
Julien-Samuel Lacroix
Mapgears
http://www.mapgears.com/
More information about the mapserver-dev
mailing list