Ticket #105 (closed enhancement: fixed)

Opened 3 years ago

Last modified 4 months ago

Allow username and password to be passed via url, like ajax viewer

Reported by: andrewd Owned by: madair
Priority: P2 Milestone: 2.3
Component: MapGuide Version: SVN
Severity: Minor Keywords:
Cc: External ID:
state: Analysis Requested Browser: All
Operating System: All

Description

It would be nice if the Fusion viewer behaved like the other viewers when it comes to security. If we could pass usernames and passwords via the URL like we can for the ajax viewer, it would be a great improvement.

It's nice to be able to have passwords on layouts, but as the same time, there are also cases where you just want to be able to access those protected layouts without the user needing to login (for example, they've already logged into a portal site of some sort). I realize this could all be done by making a session and passing that, but for those of us who are using Studio or Maestro solely, then that's not a viable option.

Change History

Changed 3 years ago by pagameba

  • state changed from New to Analysis Requested
  • milestone changed from 1.1 to 2.0

reevaluate for 2.0

Changed 2 years ago by madair

  • milestone changed from 2.0 to 2.1

look into this for 2.1

Changed 19 months ago by madair

  • milestone changed from 2.1 to 2.2

Changed 18 months ago by madair

  • status changed from new to assigned

can you clarify the requirement here please? If there is a username/password combo passed in via query parameters, do you want user/pass to be passed along to all requests to the MG server? What is the best way to show the issue and test the solution?

Changed 18 months ago by andrewd

It's been a long time since I submitted this (2 years now), but I'll do my best...Here's how I recall things - The ajax viewer lets you log in via a url by using the "USERNAME=" and "PASSWORD=" args. For example, " http://server/mapguide/mapviewerajax/?WEBLAYOUT=Library://test/MainLayout.WebLayout&USERNAME=Administrator&PASSWORD=whatever". I have no idea what the mechanics of that are, but it's been that way since the start. I know that 2 years ago, this did not work if you were using a fusion layout. Who knows now - I've had to stay away from fusion because of this and a few other issues...but odds are, it's still the same as it was.

Does that help?

Changed 16 months ago by madair

  • milestone changed from 2.2 to 2.3

i'll need better requirements/use case description to fix this, deferring to 2.3

Changed 16 months ago by andrewd

I'm afraid that I've been as descriptive as I can be. The basics are simple - the Fusion viewer doesn't (or at least didn't, when I reported this 2 years ago) behave like the other viewers (DWF and AJAX) when it comes to passing usernames and passwords in a url. If it's by choice, then I for one would disagree with the choice, but so be it. If it's an oversight / bug, then it should really be fixed sometime.

Changed 4 months ago by jng

  • status changed from assigned to closed
  • resolution set to fixed

Fixed with r2434

Note: See TracTickets for help on using tickets.