[mapserver-users] Spatial access restriction based on "secret" in URL, WMS Getcapabilities
Arne Kepp
arne at tiledmarble.org
Sat Jan 10 04:55:59 PST 2015
If I go with environment variables and 1), how do I get SECRET_CODE into
the URLs in the GetCapabilities document ?
I'm assuming I need to modify wms_onlineresource ?
It would be really cool if .map files automatically substituted
$variables in general, beyond what [1] covers.
-Arne
1: https://trac.osgeo.org/mapserver/wiki/EnvironmentVariables
On 10/01/15 13:30 , Dan Little wrote:
> I'd probably do something with a script and some URL rewriting.
>
> For example, a URL like...
> - http://myserver.whee/path/SECRET_CODE/mapserv?[WMS parameters]
>
> Then do the following:
> 1. Low-buck: Use apache rewrite rules to set an environment variable.
> Then use the environment variable for my substitutions.
> 2. Using WSGI (I'm a python kind of guy): Parse the URL to get the
> secret to do the limiting.
>
> Really this kind of stuff is always application specific, and you are
> ultimately the person who needs to maintain it, so stick to what
> you'll be able to understand 6-months after you've implemented it. :-)
>
>
> On Sat, Jan 10, 2015 at 5:41 AM, Arne Kepp <arne at tiledmarble.org> wrote:
>> Hi,
>>
>> I would like to restrict different users to different geographic regions
>> based on a secret in the URL they are using to access MapServer.
>>
>> I intend to use an inner join on a table with secrets / polygons, and then
>> use the run-time substitution in MapServer to insert the sanitized secret
>> into the Postgis query.
>>
>> The crux, I think, is that I have to send WMS 1.3.0 GetCapabilities URLs to
>> our users. And I don't think I can make the getcapabilties document include
>> the (variable) secret in the OnlineResource elements ?
>>
>> So I am thinking about writing a wrapper that rewrites the GetCapabilities
>> document on the fly. My question is, is there a better way that I have not
>> thought of?
>>
>> Kind regards,
>> Arne
>>
>> _______________________________________________
>> mapserver-users mailing list
>> mapserver-users at lists.osgeo.org
>> http://lists.osgeo.org/mailman/listinfo/mapserver-users
More information about the mapserver-users
mailing list