Greetings Estani, I wonder if it was the same user whom contacted us. At any rate, the IDV uses netCDF-java, which should support SSL: http://www.unidata.ucar.edu/software/netcdf-java/reference/HTTPauthentication.html Glancing at some of the data access URLs, it looks like THREDDS catalogs are being used (at least on the LLNL portal). Given that netCDF, netCDF-Java, and THREDDS are all developed here, I'm sure we can get something working (especially with your knowledge on the ESGF side!). I'll chat with some people back at the office to see if maybe this has been taken care-of already (I'm sure this has been seen and implemented at the netCDF-Java level somewhere), and I'll look into what we would need to do at the IDV level. I know the IDV can handle authentication at some level, but it may require a plug-in to be written to handle the ESGF specifically. Cheers! Sean > Hi Sean, > > I'm part of the ESGF development team, so I might be able to answer > questions regarding the security infrastructure. > I have no knowledge on IDV, I just got the question from one of our > users. I know the latest NetCDF libraries already contained the ability > to authenticate in the system, but I'm not sure which libraries are > included in the IDV, or better said, how exactly IDV gets to the data. > > Basically if you try to download the NetCDF file, you'll get a redirect > to an SSL url, to which the app should present the client certificate. > After a successful authorization, the server sets a signed cookie and > redirects to the original url. Presenting the cookie there will allow to > get to the file. > > This all is taken care of if using a certain version of NetCDF... I > don't now from which on though the latest is certainly supporting this. > Browsing the repository shouldn't be a problem as all metadata is open. > getting to the file contents would work though. > > Besides the weather, everything else is great here in Hamburg :-) > > Cheers, > Estani > Am 05.05.2012 13:07, schrieb Unidata IDV Support: > > Greetings Estani! > > > > I think the IDV is capable of viewing the CMIP5 data, but I am not sure > > about browsing the ESG repository. I'm trying to get an account on the > > ESG-PCMDI gateway at LLNL for testing purposes, but their registration > > seems to be down (looks like they are updating their portal?). I once asked > > a user if it would be possible to authenticate in the browser, and then > > browse the data repository via IDV, but they never returned my message. > > This is something we can look into for sure, but it'll be much easier once > > I have an account. > > > > I hope all is well in Hamburg - I visited the wind tunnel group a few years > > ago (very nice people). > > > > Cheers! > > > > Sean > > > >> Hi, > >> > >> I was wondering if the IDV can be used for viewing CMIP5 data which is > >> protected by the ESGF security mechanism. Basically it should be able to > >> follow redirects and present an x509 pem certificate when connecting to > >> SSL. Storing a cookie session is also required. > >> > >> If this is already possible, is there a description somewhere on how to > >> proceed? > >> > >> Thanks, > >> Estani > >> > >> -- > >> Estanislao Gonzalez > >> > >> Max-Planck-Institut fÃr Meteorologie (MPI-M) > >> Deutsches Klimarechenzentrum (DKRZ) - German Climate Computing Centre > >> Room 108 - Bundesstrasse 45a, D-20146 Hamburg, Germany > >> > >> Phone: +49 (40) 46 00 94-126 > >> E-Mail: address@hidden > >> > >> > > > > Ticket Details > > =================== > > Ticket ID: HCE-394586 > > Department: Support IDV > > Priority: Normal > > Status: Open > > > > > -- > Estanislao Gonzalez > > Max-Planck-Institut fÃr Meteorologie (MPI-M) > Deutsches Klimarechenzentrum (DKRZ) - German Climate Computing Centre > Room 108 - Bundesstrasse 45a, D-20146 Hamburg, Germany > > Phone: +49 (40) 46 00 94-126 > E-Mail: address@hidden > > Ticket Details =================== Ticket ID: HCE-394586 Department: Support IDV Priority: Normal Status: Open
NOTE: All email exchanges with Unidata User Support are recorded in the Unidata inquiry tracking system and then made publicly available through the web. If you do not want to have your interactions made available in this way, you must let us know in each email you send to us.