Re: [thredds] command line access to restricted dataset when authentication is by LDAP

Thanks to Antonio for his very quick response.
Unfortunately the problem is neither the %F40 nor the wget switch.

In fact, if I comment out the <Context> containing the <Realm JNDIRealm> in
server.xml, then the MemoryRealm is used (standard tomcat_users.xml
credentials) and the following commands all work fine:

ncdump -h 'https://XXXX:YYYYY@xxxxxxxxxxxxx:8290/medcordexh/dodsC/MEDCORDEX/test.nc'
cdo info 'https://XXXX:YYYYY@xxxxxxxxxxxxx:8290/medcordexh/dodsC/MEDCORDEX/test.nc'
ferret
use "https://XXXX:YYYYY@xxxxxxxxxxxxx:8290/medcordexh/dodsC/MEDCORDEX/test.nc"

Of course, XXXX:YYYYY are the tomcat_users.xml credentials.

But if I put the following code back into server.xml (thus setting LDAP
authentication)

    <Context docBase="medcordexh" path="/medcordexh">
      <Realm className="org.apache.catalina.realm.JNDIRealm"
             connectionURL="ldap://xxx.xxx.xxx.xxx"
             connectionName="cn=yyy,dc=yyyy,dc=yyyy,dc=yy"
             connectionPassword="mysecret"
             roleBase="ou=Group,dc=yyyy,dc=yyyy,dc=yy"
             roleName="groupId"
             roleSearch="(memberUid={2})"
             userPattern="mail={0},ou=People,dc=yyyy,dc=yyyy,dc=yy"
             userRoleAttribute="mail"
             roleSubtree="true"
      />
    </Context>

then neither ferret use, nor ncdump, nor cdo works anymore (with the proper
LDAP credentials, of course), while in the browser it all works (with the same
LDAP credentials)!

I also noticed a strange behaviour in the browser:

a) using MemoryRealm (tomcat-users.xml credentials), username & password are
not requested for browsing directories, but only when (and if) the user
accesses netcdf files

b) using JNDIRealm (LDAP credentials), username & password are requested at
the very first access to any directory or netcdf file. This means that the
TDS is not browsable to unregistered users.


Thanks again for any help,
Emanuele

-- 
Emanuele Lombardi
ENEA Casaccia
I-00123 Roma (RM)
tel. +39 0630483366
http://utmea.enea.it/people/lombardi


