[Tilecache] Tilecache Authentication

Eric Lemoine eric.c2c at gmail.com
Mon Jan 14 13:20:51 EST 2008


Chris, when you say you'd write the auth code outside the server, you
mean outside TC?

2008/1/14, Christopher Schmidt <crschmidt at metacarta.com>:
> On Mon, Jan 14, 2008 at 11:25:51AM -0000, Gissur Þórhallsson wrote:
> > Hello
> > The problem now is that the tilecache server is still wide open. I'm
> wondering whether there are any tried and tested ways of authenticating
> calls to the tilecache?
>
> I would simply use HTTP authentication. Instead of doing anything fancy
> with cookies, sessions, etc. you just use Apache basic auth on the end
> point. Users are automatically prompted by their browser for a login
> when they're browsing tiles.
>
> If you want to do something more complex than that, I'd (personally)
> still write my authentication code *outside* the server -- probably in a
> mod_python auth handler, if I had to.
>
> > I ran  a search of the list archives and ran into this: HYPERLINK
> "http://www.nabble.com/WMS-Layer-Authentication-to11011267.html#a11011267"http://www.nabble.com/WMS-Layer-Authentication-to11011267.html#a11011267
> >
> > But I was unable to find said code in my distribution of tilecache, so I
> assume it's not in the build as of yet - anybody have any thoughts on that?
>
> Well, there's two things here:
>  1. I missed that patch. Dunno how, I'll make an effort to get it in at
>     some point soon.
>  2. It wouldn't help you. That's a patch for password protection on the
>     *backend* -- you're working on the frontend, and you've already
>     solved the problem that that patch solves with IP filtering.
>
> Regards,
> --
> Christopher Schmidt
> MetaCarta
> _______________________________________________
> Tilecache mailing list
> Tilecache at openlayers.org
> http://openlayers.org/mailman/listinfo/tilecache
>


More information about the Tilecache mailing list