[mapserver-users] Restricted WMS access
Alberto Najera
anajera at bicimapas.com.mx
Wed May 30 15:03:09 PDT 2012
Thanks for the information, I am getting the idea. I would not like to
restrict the cgi-bin as we have some maps that are not restricted. Would it
be possible to restrict only the folder where the restricted Mapfiles are
located?
Alberto Najera
-----Mensaje original-----
De: mapserver-users-bounces at lists.osgeo.org
[mailto:mapserver-users-bounces at lists.osgeo.org] En nombre de Rahkonen Jukka
Enviado el: miércoles, 30 de mayo de 2012 03:29 a.m.
Para: 'mapserver-users at lists.osgeo.org'
Asunto: Re: [mapserver-users] Restricted WMS access
Hi,
For simple needs you can configure Apache to use http basic authentication
and make it to require https.
http://httpd.apache.org/docs/2.0/howto/auth.html
Setting basic authentication is simple but it does not give any real
security without configuring Apache to use https instead of http. But
anyway, Mapserver project does not give you tools for access control.
Consider if https + basic authentication is enough for you. It may be if you
do not need user roles and all it should do is either to give or deny access
to Mapserver. Most simple way to do this is to put the cgi-bin directory
behind passwords somehow like
<Location "/cgi-bin">
Options None
Order allow,deny
Allow from all
AuthType Basic
AuthName "Please log in"
# (Following line optional)
AuthBasicProvider file
AuthUserFile "c:/ms4w/apache/passwd/passwords"
Require user user1 user2 user3 </Location>
As a result only user1, user2 and user3 can reach cgi-bin if they give
correct password.
-Jukka Rahkonen-
Richard Suematsu
More information about the MapServer-users
mailing list