[thredds] [Fwd: TDS and CAS authentication]

To: John Caron <caron@xxxxxxxxxxxxxxxx>, thredds@xxxxxxxxxxxxxxxx
Subject: [thredds] [Fwd: TDS and CAS authentication]
From: Thomas LOUBRIEU <Thomas.Loubrieu@xxxxxxxxxx>
Date: Mon, 15 Sep 2008 18:02:03 +0200

Dear John,

I have tested further the CAS authentication provided with TDS, and Ihave noticed one problem.After the authentication, the first request is send to TDS with anadditional parameter which is "ticket=...".

I think this is used for initializing the session with the server.

It works well if the first request is on the 'html' form which does notcomplain about extra parameters.It works with the 'das' request as well, but if the first request is a'dds' or 'ascii' or 'dods' request, it fails because the ticketparameter is not understood.


Exemple of request :
http://www.ifremer.fr/thredds3/standard/dodsC/ARIVO-GLOBAL-ARIVO2002_07-OBS/FULL_TIME_SERIE.ascii?latitude&ticket=ST-72-FFr17wcSyYBaXIODlkof

What we did at IFREMER (in an extra tomcat filter), is to remove theticket parameter from the URL before sending it to the TDS servlet.

Please could you see if you could add this function in the TDS built-inCAS authentication ?


Thanks,

Thomas

--


-------------------------------------------------------------
Thomas LOUBRIEU
IFREMER IDM/ISI
BP70
29280 Plouzane
FRANCE

email: Thomas.Loubrieu@xxxxxxxxxx

WWW  : http://www.coriolis.eu.org/cdc
Tel.:  (+33) (0)2 98 22 48 53

Fax: (+33) (0)2 98 22 46 44

-------------------------------------------------------------

--- Begin Message ---

To: John Caron <caron@xxxxxxxxxxxxxxxx>

Subject: TDS and CAS authentication

From: Thomas LOUBRIEU <tloubrie@xxxxxxxxxxxxxxxx>

Date: Thu, 11 Sep 2008 13:55:08 +0200
Hi John,
Just a few words to let you know that I've finally moved ourauthentication/authorization system to the CAS system you provided withthe TDS release.It works well and for the moment it is the best way for us to handle theauthorization in TDS.
Do you have feedback on the usage of it through OPeNDAP client API(ferret, python, matlab, java, ...) ?We will focus on python and java to be able to request our restricteddatasets and I am confident, we'll be able to do so (even if some minoradaptations of API may be required).
One of our restricted dataset is :
http://www.ifremer.fr/thredds3/subcatalogs/DATA_CENTERS/LPO/ARIVO-GLOBAL-ARIVO2002_07-OBS/ARIVO-GLOBAL-ARIVO2002_07-OBS_FULL_TIME_SERIE.html?dataset=ARIVO-GLOBAL-ARIVO2002_07-OBS_FULL_TIME_SERIE
(your login 'jc1eed0' should be still working).

Thanks you for having provided this CAS authentication within TDS.

Best regards,

Thomas

--


-------------------------------------------------------------
Thomas LOUBRIEU
IFREMER IDM/ISI
BP70
29280 Plouzane
FRANCE
email: Thomas.Loubrieu@xxxxxxxxxx
WWW  : http://www.coriolis.eu.org/cdc
Tel.:  (+33) (0)2 98 22 48 53
Fax: (+33) (0)2 98 22 46 44
-------------------------------------------------------------
--- End Message ---

Follow-Ups:
- Re: [thredds] [Fwd: TDS and CAS authentication]
  - From: Thomas LOUBRIEU

2008 messages navigation, sorted by:
1. Thread
2. Subject
3. Author
4. Date
5. ↑ Table Of Contents
Search the thredds archives: