Jaakko Ruutiainen wrote: > >> > wms_basic_http_auth.patch allows use of WMS servers protected with >> > basic HTTP authentication. Credentials are taken from URL, >> which can >> > be entered as 'http://user:[EMAIL PROTECTED]/path' > >> I have been testing WMS with basic authentication and it works fine. >> There is one issue: If the WMS server, in addition to using >> basic authentication, is also having different URLs for >> GetCapabilities and GetMap requests, the authentication is >> lost and GetMap fails. Jaakko is aware of this problem. I >> don't believe this kind of server configuration is very common.
> I have some ideas on fixing that. But I was wondering that if GetMap and > GetCapabilities have different URLs, do they still always use same > credentials? Does anything else make any sense at all? GetCapabilities URL is all that the WMS client is supposed to know in the beginning. Server may send another URL for GetMap, but if that URL would need different dredentials the only way to tell it to the client would be to send the credentials as well. Well, it is https and safe in that way, but still anyone who knows the GetCapabilities username/password would get the new credentials. Thus no more security would be achieved but the system would be just more complicated. In our case the WMS service provider is willing to send different GetMap URLs because for them it is a simple way to share the GetMap load for several servers in the future. It may not be so simple for the users because WMS clients do not necessarily support this configuration. -Jukka Rahkonen- ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Jump-pilot-devel mailing list Jump-pilot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jump-pilot-devel
