[mapserver-users] MapServer .map file security question

Jörg Thomsen jt at mapmedia.de
Tue Feb 19 08:04:22 PST 2013


Hello Mark,

have a look at
http://mapserver.org/ogc/wms_server.html#changing-the-online-resource-url

If using 'Apache SetEnvIf' you could redirect to different
cgi-directories and there use allow-from / deny-from rules.

Regards, Jörg

Am 19.02.2013 16:45, schrieb Mark Volz:
> Hi,
> 
> I have a server that I would like to run both internal and external applications on it.  I know I can use apache to limit who can access internal web pages.  However, is there any mechanism to stop an external user from drawing an internal actual .map file?  For example, what would stop someone from changing the requested map from: http://myserver/cgi-bin/mapserv.exe?map=External.map.  To:  http://myserver/cgi-bin/mapserv.exe?map=Internal.map.
> 
> I could see this as an issue if I want to enable wms.
> 
> Thanks
>  
> Mark Volz
> GIS Specialist
> 
> 
> _______________________________________________
> mapserver-users mailing list
> mapserver-users at lists.osgeo.org
> http://lists.osgeo.org/mailman/listinfo/mapserver-users
> 




More information about the MapServer-users mailing list