Re: [thredds] Custom authentication scheme avoiding redirects

Hey Jon:

Redirects are used for sending the user to an https URL. Im guessing if you dont need that, it should be possible to authenticate without a redirect. cookies are not needed if you dont care about authentication overhead. our "per-dataset" authentication got rather complicated because we were trying to use https for authentication but send the data over http to avoid the enccyption overhead. We'll have to look at how to make the simple case simple.

I assume this is in the context of TDS/ncWMS ?

In the meanwhile, you might want to look at this page, assuming you can get in:

https://wiki.ucar.edu/display/esgcet/Adding+ESG+security+to+a+TDS+server

On 4/7/2010 3:43 AM, Jonathan Blower wrote:
Hi,

I'd like to be able to restrict access to a THREDDS server on a
per-dataset basis.  I note from the documentation
(http://www.unidata.ucar.edu/projects/THREDDS/tech/reference/RestrictedA
ccess.html) that the current scheme involves HTTP redirects and session
cookies.  However, some of the clients we use are not able to handle
redirects or cookies.

I would like to have per-dataset security which simply uses HTTP Basic
or Digest authentication without redirects or sessions.  I don't have an
immediate need for using SSL to encrypt passwords.  How can I go about
doing this?  I'd be comfortable creating new code that can be plugged in
to THREDDS if necessary.

Thanks,
Jon

--
Dr Jon Blower
Technical Director, Reading e-Science Centre
Environmental Systems Science Centre
University of Reading
Harry Pitt Building, 3 Earley Gate
Reading RG6 6AL. UK
Tel: +44 (0)118 378 5213
Fax: +44 (0)118 378 6413
j.d.blower@xxxxxxxxxxxxx
http://www.nerc-essc.ac.uk/People/Staff/Blower_J.htm


_______________________________________________
thredds mailing list
thredds@xxxxxxxxxxxxxxxx
For list information or to unsubscribe,  visit: 
http://www.unidata.ucar.edu/mailing_lists/



  • 2010 messages navigation, sorted by:
    1. Thread
    2. Subject
    3. Author
    4. Date
    5. ↑ Table Of Contents
  • Search the thredds archives: