[mapserver-users] Restricted WMS access

Rahkonen Jukka Jukka.Rahkonen at mmmtike.fi
Wed May 30 01:28:36 PDT 2012 

Hi,

For simple needs you can configure Apache to use http basic authentication and make it to require https.
http://httpd.apache.org/docs/2.0/howto/auth.html 

Setting basic authentication is simple but it does not give any real security without configuring Apache to use https instead of http. But anyway, Mapserver project does not give you tools for access control. Consider if https + basic authentication is enough for you. It may be if you do not need user roles and all it should do is either to give or deny access to Mapserver. Most simple way to do this is to put the cgi-bin directory behind passwords somehow like

<Location "/cgi-bin">
    Options None
    Order allow,deny
    Allow from all
      AuthType Basic
           AuthName "Please log in"
            # (Following line optional)
            AuthBasicProvider file
            AuthUserFile "c:/ms4w/apache/passwd/passwords"
           Require user user1 user2 user3
</Location>

As a result only user1, user2 and user3 can reach cgi-bin if they give correct password.

-Jukka Rahkonen-



Richard Suematsu
 
> I don't think MapServer does this itself. We've done this by 
> proxying MapServer behind tomcat and using a servlet filter 
> to validate the user.
> 
> Rich
> 
> -----Original Message-----
> From: mapserver-users-bounces at lists.osgeo.org 
> [mailto:mapserver-users-bounces at lists.osgeo.org] On Behalf Of 
> Alberto Najera
> Sent: Monday, May 28, 2012 2:35 AM
> To: mapserver-users at lists.osgeo.org
> Subject: [mapserver-users] Restricted WMS access
> 
> Hello,
> 
> Is it possible to have a restricted (user id and password 
> required) WMS service through Mapserver?  If so, how can this 
> be done?  I have searched the documentation but had not been 
> able to find if this is possible.
> 
> Thank you
> 
> Alberto Najera
> 
> 
> _______________________________________________
> mapserver-users mailing list
> mapserver-users at lists.osgeo.org
> http://lists.osgeo.org/mailman/listinfo/mapserver-users
> 
> 
> 
> Confidentiality Notice: This e-mail message, including any 
> attachments, is for the sole use of the
> intended recipient(s) and may contain confidential and 
> privileged information. Unauthorized
> review, use, disclosure or distribution is prohibited. If you 
> are not the addressee indicated in this
> message kindly notify the sender by reply e-mail and destroy 
> all copies of the original message.
> 
> _______________________________________________
> mapserver-users mailing list
> mapserver-users at lists.osgeo.org
> http://lists.osgeo.org/mailman/listinfo/mapserver-users
>

More information about the mapserver-users mailing list