|
|
Hi,
I have an asp.net website which requires a username and password to access.
I also have a WMS server which is bare to the world. Both servers are on the
same domain. I would like to restrict access to the WMS server based on
username and password on the website.
It is my understanding that I can accomplish the task by building a custom
authentication plugin on the WMS server and then setting a flag in a DB from
the website that the custom plugin can read to give access to the WM client.
I understand the principal, but I still need to identify the client on the
WMS server (so I know which record to pull for a permissions check from the
DB).
The two ways I have heard of doing this is 1. IP address, that is, the
webserver adds a DB record giving access to a certain IP address which the
WMS plugin can lookup when the client connects, 2. a cookie is passed which
the plugin can use to lookup in the DB. I prefer option two so far.
Has anyone got other ideas along these lines, and... could someone show a
very simple sample... or just explain how I pass the cookie from the asp.net
app, and read it from the authentication cookie.
Thanks!!
James
|
|
|