Hi Jon,
The ESG security would require a redirect. Instead it would probably be easier
to add your own HTTP Basic/Digest based authentication servlet filter.
I hope you're at least using Digest method ;)
Cheers,
Phil
> -----Original Message-----
> From: thredds-bounces@xxxxxxxxxxxxxxxx [mailto:thredds-
> bounces@xxxxxxxxxxxxxxxx] On Behalf Of John Caron
> Sent: 09 April 2010 04:03
> To: thredds@xxxxxxxxxxxxxxxx
> Subject: Re: [thredds] Custom authentication scheme avoiding redirects
>
> Hey Jon:
>
> Redirects are used for sending the user to an https URL. Im guessing if
> you dont need that, it should be possible to authenticate without a
> redirect. cookies are not needed if you dont care about authentication
> overhead. our "per-dataset" authentication got rather complicated
> because we were trying to use https for authentication but send the
> data
> over http to avoid the enccyption overhead. We'll have to look at how
> to
> make the simple case simple.
>
> I assume this is in the context of TDS/ncWMS ?
>
> In the meanwhile, you might want to look at this page, assuming you can
> get in:
>
> https://wiki.ucar.edu/display/esgcet/Adding+ESG+security+to+a+TDS+serve
> r
>
> On 4/7/2010 3:43 AM, Jonathan Blower wrote:
> > Hi,
> >
> > I'd like to be able to restrict access to a THREDDS server on a
> > per-dataset basis. I note from the documentation
> >
> (http://www.unidata.ucar.edu/projects/THREDDS/tech/reference/Restricted
> A
> > ccess.html) that the current scheme involves HTTP redirects and
> session
> > cookies. However, some of the clients we use are not able to handle
> > redirects or cookies.
> >
> > I would like to have per-dataset security which simply uses HTTP
> Basic
> > or Digest authentication without redirects or sessions. I don't have
> an
> > immediate need for using SSL to encrypt passwords. How can I go
> about
> > doing this? I'd be comfortable creating new code that can be plugged
> in
> > to THREDDS if necessary.
> >
> > Thanks,
> > Jon
> >
> > --
> > Dr Jon Blower
> > Technical Director, Reading e-Science Centre
> > Environmental Systems Science Centre
> > University of Reading
> > Harry Pitt Building, 3 Earley Gate
> > Reading RG6 6AL. UK
> > Tel: +44 (0)118 378 5213
> > Fax: +44 (0)118 378 6413
> > j.d.blower@xxxxxxxxxxxxx
> > http://www.nerc-essc.ac.uk/People/Staff/Blower_J.htm
> >
> >
> > _______________________________________________
> > thredds mailing list
> > thredds@xxxxxxxxxxxxxxxx
> > For list information or to unsubscribe, visit:
> http://www.unidata.ucar.edu/mailing_lists/
> >
>
> _______________________________________________
> thredds mailing list
> thredds@xxxxxxxxxxxxxxxx
> For list information or to unsubscribe, visit:
> http://www.unidata.ucar.edu/mailing_lists/
--
Scanned by iCritical.
