[mapserver-users] Control access to WMS
Daniel Morissette
dmorissette at mapgears.com
Tue Oct 13 23:33:33 EDT 2009
Martin Kofahl wrote:
> WSS/WAS requires authentication. I wonder if and which http_referer
> header is usually sent to the server when using openlayers. You could
> check if this header either contains the url where your site runs or if
> it is empty/not set for clients not sending this header. This can be
> realized in the apache configuration or a wrapper. Not 100% secure but
> helps to avoid the use of your WMS on other public sites.
>
FYI this thread was cross-posted to the openlayers list and the Referrer
option was discussed there as well earlier today:
http://openlayers.org/pipermail/users/2009-October/014373.html
Daniel
--
Daniel Morissette
http://www.mapgears.com/
More information about the mapserver-users
mailing list