[mapserver-dev] Enable/disable OWS layers by IP list
Tamas Szekeres
szekerest at gmail.com
Wed Feb 13 05:45:23 PST 2013
Hi Devs,
I got a requirement from Faunalia (http://www.faunalia.it) to
establish option to Enable/disable OWS layers by IP list.
We need to add two new parameters to the WEB section of the mapfile,
and/or in the METADATA section of every single layer:
1. "ows_allowed_ip_list"
2. "ows_denied_ip_list"
Both should point to a file with a list of IP addresses.
The aim is to let the admin to define list of users, identified
through their IPs to
allow or deny access to one or more specific WMS or WFS layers.
I've prepared an implementation to this requirement which appears to
be a fairly simple addition to the code:
https://github.com/szekerest/mapserver/commit/4b7c203a1782cd56d01c34e1079a184c04e51207
In my approach if both the allowed list and the denied list contains
the current endpoint IP then the denied list will take precedence.
If allowed_ip_list or ows_denied_ip_list is not specified or the
specified files are not readable then the current behaviour will
continue to work.
Issue has also been added for this addition:
https://github.com/mapserver/mapserver/issues/4588
Let me know about your opinion whether this change is reasonable.
Would that require an RFC to be added?
Deadline of this addition is close, so I'd prefer to include this as
soon as possible.
Best regards,
Tamas
More information about the mapserver-dev
mailing list