[mapserver-users] Security Problem

FradshamT at DFO-MPO.GC.CA FradshamT at DFO-MPO.GC.CA
Mon Jan 14 14:02:39 EST 2002


Dear MapServer Community,
 
First I would like to say great work on all the designs, coding and
documentation for MapServer 3.5. I am normally an ArcIMS admin but I now
have an opportunity to work with MapServer and it has been great. 
 
I am using MapServer 3.5 (custom build) on Windows 2000 Server with IIS 5.0
 
MapServer version 3.5 OUTPUT=GIF OUTPUT=PNG OUTPUT=JPEG OUTPUT=WBMP
SUPPORTS=PROJ SUPPORTS=TTF SUPPORTS=WMS_SERVER 
INPUT=TIFF INPUT=EPPL7 INPUT=OGR INPUT=SHAPEFILE
 
I am using Microsoft Security Application Toolkit which basically locks down
everything and you unlock what you need with regards to web apps. 
 
Everything works great, except for one thing. Where does the xml file for
the GetCapabilities Request Get written to? For some reason when I put in a
request to the WMS Server:
 
http://myserver/scripts/mapserv.exe?&map=C:\inetpub\wwwroot\OceansIMS\demo\o
ceans.map&REQUEST=GetCapabilities
 
I get prompted for a windows authentication request. But if I use the
demoapp request
 
http://myserver/OceansIMS/demo/oceans_init.html
 
Which uses the same map file, the app continues normally without any login
request. This is because I set the appropriate security on the IMAGEPATH
directory for which the temp images are written, but any request to the WMS
Service and I get prompted for a login everytime.
 
Any help would be appreciated.
 
Trevor Fradsham
Systems Analyst - GIS
Fisheries & Oceans Canada
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.osgeo.org/pipermail/mapserver-users/attachments/20020114/18ea3d5e/attachment.html


More information about the mapserver-users mailing list