WMS Driver does not support Authentication
|Reported by:||ChrisABailey||Owned by:||nowakpl|
The WMS driver does not currently support authentication. The WCS driver does but I believe the fetch mechanism was changes in the WMS driver to support multiple simultaneous requests.
I have been looking at the code and believe this will be relatively easy to do. If you agree with my approach I can make the following changes and submit a patch:
From a user standpoint we will add two new parameters to the WMS XML specification using the same convention as the WCS driver:
- <UserPwd> - May be supplied with userid:password to pass a userid and password to the remote server.
- <HttpAuth> - May be BASIC, NTLM or ANY to control the authentication scheme to be used.
If these are set we will pas these into the the WMS requests.
From an implementation stand point I will read the XML and store it in the GDALWMSDataset class.
In RasterBands.cpp I will add two new paramaters to http_request_opts which is passed to CPLHTTPInitializeRequest(...).
Finally I'll modify gdalhttp.cpp to set the appropriate CURL paramaters (just like cpl_http.cpp.)
I have a couple concerns.
- I only have one server that I can test with and it is not public so you would need to "trust me" that I tested with the server. Does anyone know of a way I could test this more thoroughly?
- I do not think it is a that good to require the password as plain text in the XML description file. I would like to add new methods to the WMSDataSet to "SetUserID" and "SetPassword". Then in In my application I would prompt for the password or store it hashed some way. Does this sound reasonable?