On 15.12.2014 22:45, Rahkonen Jukka (Tike) wrote:
> 1) OpenJUMP does not support very well authentication. All it can do is to 
> add user:password before the base URL as 
> https://user:password@base_url.<https://user:password@base_url./> 

we could obfuscate that behind an authentication prompt UI. not sure it is 
worth the effort, as the user editing should be the user needing the data and 
hence knowing the credentials to that wms server anyway. you might sway my 
opinion here.

>This is not the same URL that is advertised for GetMap because GetCapabilities 
>document hopefully does not show the user name and password as plain text

already fixed that locally, it reuses the credentials of the GetCap request if 
the advertised GetMap url does not contain any, just for the weird case they 
deliver creds. 
the credentials are still shown in the text field though.

additionally working on adding a possibility to modify wms url in 
WMSQueryEditor later.

> 
> 2) The user:password in OpenJUMP is really tested only with https. Basic 
> authentication withour https does not make much sense because credentials are 
> too easy to capture from unsecured traffic. However, the server that Andrei 
> is using does exactly use basic auth over plain http.

right. http auth without encrypted transport layer is negligently insecure. 
still, if the server is configured without SSL, who are we to judge and 
prohibit access via plain HTTP.

..ede

------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________
Jump-pilot-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jump-pilot-devel

Reply via email to