[OpenLayers-Users] Basic authZ issue
Eric Lemoine
eric.c2c at gmail.com
Wed Jul 9 15:38:07 EDT 2008
On Wed, Jul 9, 2008 at 9:23 PM, Yves Moisan <yves.moisan at boreal-is.com> wrote:
> Hi All,
>
> We are accessing a secure (Basic Auth) Apache directory through OL and
> users find it bothersome to fill in a pop up user:pass window. In a bid
> to bypass the popup, we're looking for a way to shove in the right
> header in the OpenLayers.Layer.WMS call.
>
> We succeeded using the XmlHTTPRequest object on its own. We also
> succeeded by modifying the proxy.cgi script people use for cross-domain
> access (by adding lines like those in the script before opening the
> request object) :
>
> base64string = base64.encodestring('%s:%s' % (username, password))[:-1]
> r.add_header("Authorization", "Basic %s" % base64string)
>
> Servers that used to return 401 (or 500 in IE) errors work well, so we
> know we are passing the right user:pass data. However, this does not
> work from OL. We don't know where to add headers to the request at the
> OL level. This
> http://trac.openlayers.org/browser/trunk/openlayers/lib/OpenLayers/Request.js?rev=7335 seems to cater for headers. Are there ways of doing that with the current version of OL ?
Hi Yves
OpenLayers uses <img> tags for requesting images through WMS. So if
the browser doesn't participate to the authentication process I don't
see how credentials can be included in the WMS request headers.
--
Eric
More information about the Users
mailing list