Securing MAP files.

Delfos, Jacob Jacob.Delfos at MAUNSELL.COM
Wed Feb 7 19:18:12 PST 2007 

Ian,
 
Your mapfiles need not be accessible by HTTP in order for your PHP
programs to run them, if you know what I mean. They don't have to be
public access, in a web-aliased folder. If they are available by HTTP
(if they need to be), then use basic Apache authentication (e.g.
http://httpd.apache.org/docs/1.3/howto/auth.html).
 
If, on the other hand, you want your application to only use certain
mapfiles, you can use that same authentication, and then pick up the
username in PHP, with this server-variable:
 
$_SERVER['REDIRECT_REMOTE_USER'])
 
You can then make your application behave differently on the basis of
this username. For example, see:
http://lists.maptools.org/pipermail/chameleon/2005-September/002992.html
 
regards,
 
Jacob
 


________________________________

	From: UMN MapServer Users List
[mailto:MAPSERVER-USERS at LISTS.UMN.EDU] On Behalf Of Ian Tidy
	Sent: 8 February 2007 10:21
	To: MAPSERVER-USERS at LISTS.UMN.EDU
	Subject: [UMN_MAPSERVER-USERS] Securing MAP files.
	
	

	Hi All, 

	I am in the process of setting up MapServer, and we want to
control users access to specific MAP files.  The map files are all
accessed through the same PHP page.  Some MAP files will be for general
use, whilst others would need a user name and password.

	I am running an Ubuntu Linux Server. 

	Any ideas on how I can achieve this? 

	Cheers Ian 
	______________________
	Ian Tidy
	GIS Administrator
	Works Asset Department
	Napier City Council
	Hastings St, Private Bag 6010, Napier, New Zealand
	Phone +64-6-835-7579 Ext. 8115
	Fax +64-6-834-4195
	mailto:iant at napier.govt.nz <mailto:iant at napier.govt.nz> 
	http://www.napier.govt.nz <http://www.napier.govt.nz>  



________________________________

	This e-mail message has been scanned for Viruses and Content and
cleared by MailMarshal 
________________________________

	
######################################################################
	Attention: 
	This e-mail message and accompanying data may contain
information that
	is confidential and subject to legal privilege. Any information
	provided is given in good faith. However unless specifically
stated to
	the contrary, Napier City Council accepts no liability for the
	content of this e-mail or for the consequences of any action
taken on
	the basis of the information provided, unless that information
is
	subsequently confirmed in writing. If you are not the intended
recipient,
	you are notified that any use, dissemination, distribution or
copying
	of this message or data is prohibited. If you received this
e-mail
	message in error, please notify us immediately and erase all
copies
	of this message and attachments. Thank you. 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/mapserver-users/attachments/20070208/2a5774e6/attachment.htm>

More information about the MapServer-users mailing list