Ok, now i see the problem, its because the getAscii() makes a recursive call to itself. I will have to investigate how to fix that problem. Calls other than ascii should work, i think.
Luca Giacomelli wrote:
Hi John,
I think so....I make some tests with firefox, MS explorer and ferret.
With ferret is impossible to find informations into logs but with
firefox and MS explorer I found the exception inside catalina.out
I tried also to use this syntax
http://username:password@137.204.52.160:8080/thredds/dodsC/agg/climatology.ascii?time[0:1:11]
in order to renew username and password inside the new page opened
pushing "get ascii" button.
I'm sending you my catalog.xml
I think that the main password system works because I need username and
password in order to open the DOS Dataset Access Form.
Ciao, Luca
John Caron wrote:
Hi again:
Sorry, i misunderstood the stack trace below. It appears the TDS is
trying to access a password-protected opendap server, possibly itself?
Luca Giacomelli wrote:
Dear support,
I'd like to control the access to my datasets (thredds version
3.8.03). I tried to configure Tomcat Users. Now all seems to works
but I can't get ascii data (after the authentication). I can see an
empty web page and and I can read this error in catalina.out:
OUCH! IOException: Server returned HTTP response code: 401 for URL:
http://137.204.52.160:8080/thredds/dodsC/agg/climatology.dods
java.io.IOException: Server returned HTTP response code: 401 for URL:
http://137.204.52.160:8080/thredds/dodsC/agg/climatology.dods
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:800)
at dods.dap.DConnect.openConnection(DConnect.java:193)
at dods.dap.DConnect.getDataFromUrl(DConnect.java:451)
at dods.dap.DConnect.getData(DConnect.java:410)
at dods.servlet.dodsASCII.sendASCII(dodsASCII.java:92)
at dods.servlet.DODSServlet.doGetASC(DODSServlet.java:862)
at dods.servlet.DODSServlet.doGet(DODSServlet.java:1459)
at
dods.servers.netcdf.NcDODSServlet.doGet(NcDODSServlet.java:264)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:237)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214)
at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
at
org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152)
at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540)
at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118)
at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
at
org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
at java.lang.Thread.run(Thread.java:534)
In my ${tomcat_home}/webapps/thredds/WEB-INF/web.xml I added this
security-constraint:
<security-constraint>
<display-name>User thredds</display-name>
<web-resource-collection>
<web-resource-name>thredds allowed</web-resource-name>
<url-pattern>/dodsC/*</url-pattern>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>thredds</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
I'd like to know how to limit data access.
Best regards, Luca
--
Giacomelli Luca
Laboratorio di Simulazioni Numeriche del Clima e degli Ecosistemi Marini
Università degli Studi di Bologna-Corso di Laurea in Scienze Ambientali
Via S.Alberto 163, 48100 Ravenna
Tel. +39 0544937324 - Fax +39 0544937323
Ai sensi del D.Lgs. 196/2003 si precisa che le informazioni contenute
in questo messaggio sono riservate ed a uso esclusivo del
destinatario. Qualora il messaggio Le fosse pervenuto per errore, La
invito ad eliminarlo senza copiarlo e a non inoltrarlo a terzi,
dandomene gentilmente comunicazione. Grazie.
Pursuant to Legislative Decree No. 196/2003, you are hereby informed
that this message contains confidential information intended only for
the use of the addressee. If you are not the addressee, and have
received this message by mistake, please delete it and immediately
notify me. You may not copy or disseminate this message to anyone.
Thank you.
--
Giacomelli Luca
Laboratorio di Simulazioni Numeriche del Clima e degli Ecosistemi Marini
Università degli Studi di Bologna-Corso di Laurea in Scienze Ambientali
Via S.Alberto 163, 48100 Ravenna
Tel. +39 0544937324 - Fax +39 0544937323
Ai sensi del D.Lgs. 196/2003 si precisa che le informazioni contenute in
questo messaggio sono riservate ed a uso esclusivo del destinatario.
Qualora il messaggio Le fosse pervenuto per errore, La invito ad
eliminarlo senza copiarlo e a non inoltrarlo a terzi, dandomene
gentilmente comunicazione. Grazie.
Pursuant to Legislative Decree No. 196/2003, you are hereby informed
that this message contains confidential information intended only for
the use of the addressee. If you are not the addressee, and have
received this message by mistake, please delete it and immediately
notify me. You may not copy or disseminate this message to anyone. Thank
you.
------------------------------------------------------------------------
<?xml version="1.0" encoding="UTF-8"?>
<catalog name="SiNCEM THREDDS Server base Catalog"
xmlns="http://www.unidata.ucar.edu/namespaces/thredds/InvCatalog/v1.0";
xmlns:xlink="http://www.w3.org/1999/xlink";>
<service name="thisDODS" serviceType="OpenDAP" base="/thredds/dodsC/">
<datasetRoot path="test" location="/dataTest/"/>
</service>
<datasetScan name="Test all files in a directory" ID="testDatasetScan"
path="testAll" location="/dataTest/">
<metadata inherited="true">
<serviceName>thisDODS</serviceName>
</metadata>
<filter>
<include wildcard="*.nc" />
</filter>
</datasetScan>
<dataset name="Test Aggregation 1" ID="TestAgg" urlPath="agg/climatology">
<serviceName>thisDODS</serviceName>
<netcdf xmlns="http://www.unidata.ucar.edu/namespaces/netcdf/ncml-2.2";>
<dimension name="time" length="0"/>
<variable name="time" type="int" shape="time">
<attribute name="units" value="months since 2000-01-01 00:00"/>
<attribute name="_CoordinateAxisType" value="Time" />
</variable>
<aggregation dimName="time" type="joinNew">
<scan dateFormatMark="MEDATLAS_mersea_grid1o8_MED_CLIM_#MM" location="/dataTest/"
suffix=".nc" />
</aggregation>
</netcdf>
</dataset>
</catalog>
