Skip to content
This repository has been archived by the owner on Jul 17, 2024. It is now read-only.

WM(T)S mit basic Auth (manage permalink -> no pwd in permalink / ask user/pwd at start) #4725

Open
10 tasks
davidoesch opened this issue Feb 3, 2019 · 6 comments

Comments

@davidoesch
Copy link
Contributor

davidoesch commented Feb 3, 2019

als Secure Diensteanbieter WMS WMTS (basic auth)

will ich WM(T)S mit basic auth gesichert (u/p) im import werkzeug laden können analog zu https://www.ldbv.bayern.de/hilfe.html#import_wms

weil ich Datenbenen meiner gesichterten Dienste im Kartenviewer darstellen will für die Umsetzung Richtung "NGDI Viewer" ohne die Daten in die BGDI physisch zu integrieren zu müssen und einen Permalink auf einen von mir betriebenen Datensatz in map.geo.admin.ch darstellen will und somit meine einfachen WebMapping Anwendung ablösen kann

Akzeptanz Kriterium

Deliverables:

  • GUI
  • Works with Secure WMS from wms-swisstopo

out of scope:

  • user mmgt
  • cookie mmgt

How to Demo:

  • secure wms swisstopo
  • sec wms from geo sz @kuneppe
  • sec wms from geo so @edigonzales

Backlog:

related
#3869
#2414

@procrastinatio
Copy link
Contributor

procrastinatio commented Feb 7, 2019

You may rely on the fact that Basic Auth is sending its Authorization header every time.
Try the following:

1/ Load a page with a Basic Auth WMS (wms.swisstopo.admin.ch).
The layer is loaded but won't display (Swissimage secure)

https://s.geo.admin.ch/7ff2dc41d4

You must be outside BVNET

2/ "Log into" the secure WMS with Basic Auth (with username/password)

https://wms.swisstopo.admin.ch/?SERVICE=WMS&VERSION=1.3.0&REQUEST=GetMap&FORMAT=image%2Fpng&TRANSPARENT=true&LAYERS=ch.swisstopo.swissimage&CRS=EPSG%3A2056&STYLES=&WIDTH=960&HEIGHT=640&BBOX=2420000%2C1030000%2C2900000%2C1350000

A nice Swissimage image is displayed.

3/ Reload the map.geo.admin.ch page.

The Swissimage layer is displayed.

Better play with incognito windows, as there is no logout with Basic Auth. And of course, you WMS service has the correct CORS header (no proxy involved)

@davidoesch
Copy link
Contributor Author

@edigonzales --- this approach would be enough for you? Of course we would add the UI for u/p

@davidoesch
Copy link
Contributor Author

ping @edigonzales

@davidoesch
Copy link
Contributor Author

ping @edigonzales bräuchtn hier feedback zur Plannung

@edigonzales
Copy link
Contributor

Sorry...

I need a some form where I can enter my credentials since the url is always the same: geo.so.ch/wms. The response will be different if I send basic auth (in the header).

@davidoesch
Copy link
Contributor Author

@procrastinatio can you help @edigonzales

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

4 participants