Dear support, I'd like to control the access to my datasets (thredds version 3.8.03). I tried to configure Tomcat Users. Now all seems to works but I can't get ascii data (after the authentication). I can see an empty web page and and I can read this error in catalina.out: OUCH! IOException: Server returned HTTP response code: 401 for URL: http://137.204.52.160:8080/thredds/dodsC/agg/climatology.dods java.io.IOException: Server returned HTTP response code: 401 for URL: http://137.204.52.160:8080/thredds/dodsC/agg/climatology.dods at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:800) at dods.dap.DConnect.openConnection(DConnect.java:193) at dods.dap.DConnect.getDataFromUrl(DConnect.java:451) at dods.dap.DConnect.getData(DConnect.java:410) at dods.servlet.dodsASCII.sendASCII(dodsASCII.java:92) at dods.servlet.DODSServlet.doGetASC(DODSServlet.java:862) at dods.servlet.DODSServlet.doGet(DODSServlet.java:1459) at dods.servers.netcdf.NcDODSServlet.doGet(NcDODSServlet.java:264) at javax.servlet.http.HttpServlet.service(HttpServlet.java:689) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:237) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929) at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705) at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683) at java.lang.Thread.run(Thread.java:534) In my ${tomcat_home}/webapps/thredds/WEB-INF/web.xml I added this security-constraint: <security-constraint> <display-name>User thredds</display-name> <web-resource-collection> <web-resource-name>thredds allowed</web-resource-name> <url-pattern>/dodsC/*</url-pattern> <http-method>GET</http-method> </web-resource-collection> <auth-constraint> <role-name>thredds</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint> I'd like to know how to limit data access. Best regards, Luca --
Giacomelli Luca Laboratorio di Simulazioni Numeriche del Clima e degli Ecosistemi Marini Università degli Studi di Bologna-Corso di Laurea in Scienze Ambientali Via S.Alberto 163, 48100 Ravenna Tel. +39 0544937324 - Fax +39 0544937323 Ai sensi del D.Lgs. 196/2003 si precisa che le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario. Qualora il messaggio Le fosse pervenuto per errore, La invito ad eliminarlo senza copiarlo e a non inoltrarlo a terzi, dandomene gentilmente comunicazione. Grazie. Pursuant to Legislative Decree No. 196/2003, you are hereby informed that this message contains confidential information intended only for the use of the addressee. If you are not the addressee, and have received this message by mistake, please delete it and immediately notify me. You may not copy or disseminate this message to anyone. Thank you. |