[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[THREDDS #BTY-229773]: THREDDS - catalog generation of remote sites

Hi Katherine,

> > 1) How do you currently access the data on the various
> > machines? Mounted disks? Web servers? OPeNDAP?
> Currently via disks.

You should be able to use the path to the file on disk in the datasetScan 
location attribute rather than using an http URL as you had in the earlier 
> > 2) Is access to the data restricted?
> Some yes, some no

Restricted to you on disk? Or just that outside access needs to be restricted.
> > 3) Besides XML and HTML catalogs, sounds like you want to
> > serve the data over OPeNDAP. Are you interested in WCS as well?
> Not at the moment
> > 4) Sounds like you want to restrict access to catalogs as
> > well as data. Is that right?
> Yes

We've recently added the ability to restrict access to datasets. We don't 
currently have a way to restrict access to catalogs. Here's a link to more 
information on restricting access to datasets:

> > 5) Are you running a stand-alone Tomcat (servlet container)
> > or do you have an Apache server front-end?
> Apache Server

You could use Apache Server access control to control catalogs and datasets. 
The TDS access control is a bit more fine grained on what you can restrict but 
as I mention above it can't restrict access to catalogs.

You could use the TDS to restrict datasets and Apache to restrict catalogs. But 
that would mean having to handle user and group/role information in two 
different locations. Not pretty.

The TDS access control scheme allows administrators to plug-in their own 
authenticator (there's a link with more information on the page at the above 
URL). Don't know if that might be useful for you.

Hope this helps,


Ticket Details
Ticket ID: BTY-229773
Department: Support THREDDS
Priority: High
Status: Open

NOTE: All email exchanges with Unidata User Support are recorded in the Unidata inquiry tracking system and then made publicly available through the web. If you do not want to have your interactions made available in this way, you must let us know in each email you send to us.