[mapserver-users] Spatial access restriction based on "secret" in URL, WMS Getcapabilities

Dan Little theduckylittle at gmail.com
Sat Jan 10 04:30:03 PST 2015


I'd probably do something with a script and some URL rewriting.

For example, a URL like...
- http://myserver.whee/path/SECRET_CODE/mapserv?[WMS parameters]

Then do the following:
1. Low-buck: Use apache rewrite rules to set an environment variable.
Then use the environment variable for my substitutions.
2. Using WSGI (I'm a python kind of guy): Parse the URL to get the
secret to do the limiting.

Really this kind of stuff is always application specific, and you are
ultimately the person who needs to maintain it, so stick to what
you'll be able to understand 6-months after you've implemented it. :-)


On Sat, Jan 10, 2015 at 5:41 AM, Arne Kepp <arne at tiledmarble.org> wrote:
> Hi,
>
> I would like to restrict different users to different geographic regions
> based on a secret in the URL they are using to access MapServer.
>
> I intend to use an inner join on a table with secrets / polygons, and then
> use the run-time substitution in MapServer to insert the sanitized secret
> into the Postgis query.
>
> The crux, I think, is that I have to send WMS 1.3.0 GetCapabilities URLs to
> our users. And I don't think I can make the getcapabilties document include
> the (variable) secret in the OnlineResource elements ?
>
> So I am thinking about writing a wrapper that rewrites the GetCapabilities
> document on the fly. My question is, is there a better way that I have not
> thought of?
>
> Kind regards,
> Arne
>
> _______________________________________________
> mapserver-users mailing list
> mapserver-users at lists.osgeo.org
> http://lists.osgeo.org/mailman/listinfo/mapserver-users



More information about the MapServer-users mailing list