Thanks for the information, I am getting the idea. I would not like to restrict the cgi-bin as we have some maps that are not restricted. Would it be possible to restrict only the folder where the restricted Mapfiles are located?
Alberto Najera -----Mensaje original----- De: mapserver-users-boun...@lists.osgeo.org [mailto:mapserver-users-boun...@lists.osgeo.org] En nombre de Rahkonen Jukka Enviado el: miércoles, 30 de mayo de 2012 03:29 a.m. Para: 'mapserver-users@lists.osgeo.org' Asunto: Re: [mapserver-users] Restricted WMS access Hi, For simple needs you can configure Apache to use http basic authentication and make it to require https. http://httpd.apache.org/docs/2.0/howto/auth.html Setting basic authentication is simple but it does not give any real security without configuring Apache to use https instead of http. But anyway, Mapserver project does not give you tools for access control. Consider if https + basic authentication is enough for you. It may be if you do not need user roles and all it should do is either to give or deny access to Mapserver. Most simple way to do this is to put the cgi-bin directory behind passwords somehow like <Location "/cgi-bin"> Options None Order allow,deny Allow from all AuthType Basic AuthName "Please log in" # (Following line optional) AuthBasicProvider file AuthUserFile "c:/ms4w/apache/passwd/passwords" Require user user1 user2 user3 </Location> As a result only user1, user2 and user3 can reach cgi-bin if they give correct password. -Jukka Rahkonen- Richard Suematsu _______________________________________________ mapserver-users mailing list mapserver-users@lists.osgeo.org http://lists.osgeo.org/mailman/listinfo/mapserver-users