password protection

John Caron caron at unidata.ucar.edu
Tue May 16 10:10:17 MDT 2006 

Hi again:

Sorry, i misunderstood the stack trace below. It appears the TDS is 
trying to access a password-protected opendap server, possibly itself?

Luca Giacomelli wrote:

>Dear support,
>I'd like to control the access to my datasets (thredds version 3.8.03). I tried to configure Tomcat Users. Now all seems to works but I can't get ascii data (after the authentication). I can see an empty web page and and I can read this error in catalina.out:
>
>OUCH! IOException: Server returned HTTP response code: 401 for URL: http://137.204.52.160:8080/thredds/dodsC/agg/climatology.dods
>java.io.IOException: Server returned HTTP response code: 401 for URL: http://137.204.52.160:8080/thredds/dodsC/agg/climatology.dods
>        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:800)
>        at dods.dap.DConnect.openConnection(DConnect.java:193)
>        at dods.dap.DConnect.getDataFromUrl(DConnect.java:451)
>        at dods.dap.DConnect.getData(DConnect.java:410)
>        at dods.servlet.dodsASCII.sendASCII(dodsASCII.java:92)
>        at dods.servlet.DODSServlet.doGetASC(DODSServlet.java:862)
>        at dods.servlet.DODSServlet.doGet(DODSServlet.java:1459)
>        at dods.servers.netcdf.NcDODSServlet.doGet(NcDODSServlet.java:264)
>        at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)
>        at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
>        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:237)
>        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
>        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214)
>        at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
>        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
>        at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198)
>        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152)
>        at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
>        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540)
>        at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
>        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
>        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
>        at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
>        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118)
>        at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
>        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
>        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
>        at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
>        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
>        at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
>        at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
>        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
>        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705)
>        at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
>        at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
>        at java.lang.Thread.run(Thread.java:534)
>
>In my ${tomcat_home}/webapps/thredds/WEB-INF/web.xml I added this security-constraint:
> <security-constraint>
>    <display-name>User thredds</display-name>
>    <web-resource-collection>
>      <web-resource-name>thredds allowed</web-resource-name>
>      <url-pattern>/dodsC/*</url-pattern>
>      <http-method>GET</http-method>
>    </web-resource-collection>
>    <auth-constraint>
>      <role-name>thredds</role-name>
>    </auth-constraint>
>    <user-data-constraint>
>      <transport-guarantee>NONE</transport-guarantee>
>    </user-data-constraint>
>  </security-constraint>
>
>I'd like to know how to limit data access.
>
>Best regards, Luca
>
>
>  
>
> -- 
> Giacomelli Luca
> Laboratorio di Simulazioni Numeriche del Clima e degli Ecosistemi Marini
> Università degli Studi di Bologna-Corso di Laurea in Scienze Ambientali
> Via S.Alberto 163, 48100 Ravenna
> Tel. +39 0544937324 - Fax +39 0544937323
>
> Ai sensi del D.Lgs. 196/2003 si precisa che le informazioni contenute 
> in questo messaggio sono riservate ed a uso esclusivo del 
> destinatario. Qualora il messaggio Le fosse pervenuto per errore, La 
> invito ad eliminarlo senza copiarlo e a non inoltrarlo a terzi, 
> dandomene gentilmente comunicazione. Grazie.
>
> Pursuant to Legislative Decree No. 196/2003, you are hereby informed 
> that this message contains confidential information intended only for 
> the use of the addressee. If you are not the addressee, and have 
> received this message by mistake, please delete it and immediately 
> notify me. You may not copy or disseminate this message to anyone. 
> Thank you.



==============================================================================
To unsubscribe thredds, visit:
http://www.unidata.ucar.edu/mailing-list-delete-form.html
==============================================================================

More information about the Thredds mailing list