Hi Scott, thanks for the reply. I'm not very familiar with PHP, could you explain what a wrapper is and how to put that around the mapserv binary? A snippet of the apache2.conf file would also be helpful.
Cheers, Neil On Wed, 16 Nov 2022 at 22:58, Scott <pub...@postholer.com> wrote: > Another way is to put a wrapper around your mapserv binary. I use PHP, > call my wrapper 'reflect' then let apache know to use PHP on 'reflect'. > Note the lack of .php extension. If you did have the extension no extra > modifications to apache conf would be required. > > This has huge benefits. The single biggest advantage is I can use a > non-standard WMS uri, ie, pass only a width or height then calculate the > missing dimension from bbox. This always results in a perfect aspect > ratio for the resulting image. (Yes, GeoServer uses the name 'reflect', > too. No accident). > > I also use it for security screening. 'GetCapabilities' has also been > intercepted and largely disabled. > > On 11/16/22 12:00, Neil Underhill wrote: > > > > Posting here as I didn't yet get a reply to the same query on > > StackOverflow > > ( > https://stackoverflow.com/questions/74309087/setting-up-authorization-to-mapserver-using-apache2-htaccess > < > https://stackoverflow.com/questions/74309087/setting-up-authorization-to-mapserver-using-apache2-htaccess > >). > > > > I am running a website with Apache/2.4.53 (Debian) and Mapserver 7.6.2. > > I have set up a 'secure' part of the web site following instructions > > here: > > > https://www.digitalocean.com/community/tutorials/how-to-set-up-password-authentication-with-apache-on-ubuntu-14-04 > < > https://www.digitalocean.com/community/tutorials/how-to-set-up-password-authentication-with-apache-on-ubuntu-14-04> > . > > > > I would now like to display some geospatial data held in Mapserver via > > an Openlayers WFS map on the secure site. The challenge I have is that > > once a user logs in, they can see the MapServer access details in the > > Openlayers script so have the server URL and mapfile name, and can > > access this outside the secure site i.e. without going through Apache > > authentication. > > > > There was some discussion about securing access MapServer 11 years ago > > ( > https://gis.stackexchange.com/questions/5686/securing-wms-against-unauthorized-access > < > https://gis.stackexchange.com/questions/5686/securing-wms-against-unauthorized-access>) > but this didn't seem applicable. > > > > As I understand it Mapserver is accessed through a CGI to which requests > > are redirected through Apache. Would moving the /usr/bin/mapserv > > executable into a folder managed by Apache2 work? (as seems to be > > suggested here: > > > https://stackoverflow.com/questions/51850322/cgi-bin-htaccess-or-apache2-config-rules-bring-up-password-dialog-but-cgi-exec > < > https://stackoverflow.com/questions/51850322/cgi-bin-htaccess-or-apache2-config-rules-bring-up-password-dialog-but-cgi-exec > > > > > > Any advice appreciated. > > > > _______________________________________________ > > MapServer-users mailing list > > MapServer-users@lists.osgeo.org > > https://lists.osgeo.org/mailman/listinfo/mapserver-users > _______________________________________________ > MapServer-users mailing list > MapServer-users@lists.osgeo.org > https://lists.osgeo.org/mailman/listinfo/mapserver-users >
_______________________________________________ MapServer-users mailing list MapServer-users@lists.osgeo.org https://lists.osgeo.org/mailman/listinfo/mapserver-users