[OpenLayers-Users] secure WMS and WFS
Eric Lemoine
eric.lemoine at gmail.com
Wed Feb 14 11:11:17 EST 2007
On 2/14/07, Christopher Schmidt <crschmidt at metacarta.com> wrote:
> On Wed, Feb 14, 2007 at 11:03:23AM +0100, Eric Lemoine wrote:
> > Hi there!
> >
> > Does anyone have experience with securing access to WMS and WFS
> > layers? Say, in the same way it's done in google maps, with a key
> > associated with some directory of one's website.
>
> Eric --
>
> I've done a variety of different things, each depending on the:
> * Level of security you need
> * Level of hassle your users can go through
>
> Assuming that you're not trying to *protect* your WMS data -- that is,
> assuming that it's public information -- what you want to do is limit
> the use of it. Note that Google does not do this at the tile level:
> instead, tiles are open for anyone to see, and they use legal means to
> track down and stop anyone using the tiles outside their mapping div.
>
> If the information is public, then the best way to do it is probably to
> implement a mechanism whereby a temporary token can be granted. That
> token is then set as a parameter on the layer, and is checked before
> the WMS image is returned. This can be done using an authentication
> handler in Apache, or a wrapper script around your WMS server.
>
> If your information is not public, then you need to set up actual user
> authentication. This is actually really simple (again, in Apache) --
> simply set up Basic Authentication around the location where the WMS is
> served, and the browser will require users to login (via a popup-like
> box, see http://developers.metacarta.com/account/) before the tiles will
> be displayed.
>
> It all depends on your needs, and your setup.
>
> I've implemented both of these types of access for the MetaCarta Web
> Services (http://developers.metacarta.com/) and would be glad to advise
> on specific questions if you have any.
>
> Regards,
> --
> Christopher Schmidt
> MetaCarta
Thanks all for your responses. I'm going to look into the issue more
closely, I will come back to you with questions if needed.
--
Eric
More information about the Users
mailing list