[Gvsig_english] WMS connection header

Antonio Falciano afalciano at yahoo.it
Tue Jul 17 20:22:50 CEST 2007 

jaume dominguez faus ha scritto:
> En/na rndbrb at libero.it ha escrit:
> 
>> ok Jaume
>> Sorry for the errors in the previuos post and lets start from the 
>> beginning.
>> To understand the follwing cons keep in mind that:
>>
>> A) HTTP is a stateless protocol;
>> B) Access to a WMS URL via GVSIg client is somewhat different then 
>> doing the same in a web browser (communication and, above all, the 
>> response has much more constraints).
>> C) the URL contained in the text below are only dummy url.
>>
>> Suppose you have a WMS server (in previous post sometimes you found 
>> WFS instead of WMS, I was wrong, i meant the server exposes WMS 
>> service and the client shows WMS data) exposing a single .shp file 
>> land_cover(ID, type, surface) and say you have two kind of clients 
>> (two offices) accessing the server. The first office  has to process a 
>> subset of the attributes in the shape while the second migth be 
>> interested in others.
>> This might be the case, for example, when an office works on 
>> quanatitative aspects, like percent of land covered by trees (for this 
>> clients only 'surface' should be the output), and the other office 
>> works on the dynamics of the types on the land (the client in this 
>> case should show only the attribute 'type' of the shape).
>> The same WMS service (the same URL) should produce two different 
>> responses for personnel belonging to the two offices. Another case 
>> where you might request a different response depending on the office 
>> (i.e the client ) is when the two offices competences differ by 
>> geographic area. So when a clerk belonging to the office 'A' requests 
>> the url "http://www.myWms/" he doesn't have to worry about selecting 
>> the area he works on, the WMS server can do the job for him. Still 
>> another case might be when you simply want to protect your spatial 
>> data and make it accessible only for some web users.
>> The goal till now is: one service, and hence one set of geographic 
>> data,  many ways of using it (am I asking too much ??)
>> How can we make it possible via http ??
>>  
>>
> Isn't it simpler if you just create a .map file for each service in the 
> same MapServer machine and grant access (via Apache's .htaccess or so)
> to one or another and then each .map file gives the behavior that you 
> are looking for? The process is the same (the URL says which service 
> will you be able to see by pointing to one .map file or to other) and 
> you don't need to care about to produce your own authentication code.

This is a good solution, but IMHO secure accesses are not granted. If an
organization uses a proxy server, I think that probably there's no way
to control the accesses in this manner. Another solution could be to
generate a 'temporary mapfile' after an authenticated request.

> More over, authentication is not defined in WMS so I'd bid for this 
> solution rather than the script. It is a lot simpler (if I understood 
> well the problem).
> 
> Was I useful?
> Regards,
> 

Best Regards,
Antonio Falciano

More information about the Gvsig_internacional mailing list