|
|
| GeoCommunity Mailing List |
| |
| Mailing List Archives |
| Subject: | Re: [gislist] Restricted Services in ArcIMS 9.1? |
| Date: |
06/09/2006 01:35:01 PM |
| From: |
Ratz, Dave |
|
|
Travis,
I've tested using JDBC to control access to our ArcIMS services. We
don't have the restrictions in production yet, but I did see it work on
a set of clustered blade servers. Here's what I documented. Hope it
helps.
ArcIMS - Enabling Service Authentication via SQL and JDBC
To set up restricted ArcIMS services using a JDBC-based Access Control
List, perform the following steps on each of the web-blades.
*BLADESERVER01 (161.xxx.xxx.xxx)
*BLADESERVER02 (161.xxx.xxx.xxx)
Step 1: Make sure Tomcat 5028 is properly installed on the server.
Look in "ControlPanel/AdminTools/Services" to see if Apache Tomcat is
running. If not, use the following instructions to install Tomcat.
http://support.esri.com/index.cfm?fa=knowledgebase.techarticles.articleS
how&d=29051
Step 2: Install JDBC driver:
Get the JDBC driver from the following link and install using the
default options.
<http://www.microsoft.com/downloads/details.aspx?FamilyID=07287b11-0502-
461a-b138-2aa54bfdc03a&DisplayLang=en>
http://www.microsoft.com/downloads/details.aspx?FamilyID=07287b11-0502-4
61a-b138-2aa54bfdc03a&DisplayLang=en
After Install, Copy these files To this location
C:Program FilesMicrosoft SQL Server 2000 Driver for JDBClib
Msbase.jar
Mssqlserver.jar
Msutil.jar C:Tomcat5028sharedlib
Step 3: Create a new System Environment Variable.
Right-click on My Computer, Properties, Advanced tab, Environment
Variables button.
Under the "System Variables" list, click NEW.
Variable name CLASSPATH
Variable value
C:Tomcat5028sharedlibmsbase.jar:C:Tomcat5028sharedlibmsutil.jar:
C:Tomcat5028sharedlibmssqlserver.jar
Step 4: Add new tables to SQL
I created two new tables (ArcIMS_users, ArcIMS_permissions) in a new
database (IMSUsers).I used a script to auto-create the files and prefill
them with some sample permissions which I later replaced with values
specific to our setup. I've listed my creation script just below these
two table definitions.
ArcIMS_users
The user table contains the list of usernames
and passwords for the services. It also contains a unique user ID that
ArcIMS will use to relate this table to the permissions table. The name
of this table should be the same as the name you specified in the
Esrimap_prop file for jdbcUserTable. This table should contain the
following columns:
Column name Datatype (width)
userid number (32)
username varchar (64)
password varchar (64)
For added flexibility, you can name the user ID column anything you
want, as long as it's the same name you specified in the Esrimap_prop
file for jdbcUidColumn. The other two columns should be named username
and password.
For a description of all columns, see the
<file:///C:Program%20FilesArcGISArcIMSManagerHelpservlet_connector
acl_attribute_reference.htm> ACL attribute reference
<file:///C:Program%20FilesArcGISArcIMSManagerHelpservlet_connector
acl_attribute_reference.htm> .
Populate the user table with usernames and passwords. Make sure the
userid is unique. You can use an asterisk (*) to indicate services that
all clients should have access to without entering a username and
password.
userid username password
1 *
2 user1 user1
3 user2 user2
4 user3 user3
ArcIMS_permissions
The permissions table associates each Service
with one or more usernames and passwords. The name of this table should
be the same as the name you specified in the Esrimap_prop file for
jdbcPermTable. This table should contain the following columns:
Column name Daratype (width)
userid number (32)
service varchar (64)
active number (32)
expiration date (format 'MM/DD/YYY HH:MM:SS')
tclients varchar (1024)
ftags varchar (1024)
roles varchar (1024)
The user ID column name should match the name you specified in the user
table and in the Esrimap_prop file for jdbcUidColumn. The other columns
should be named as shown above.
For a description of all columns, see the
<file:///C:Program%20FilesArcGISArcIMSManagerHelpservlet_connector
acl_attribute_reference.htm> ACL attribute reference
<file:///C:Program%20FilesArcGISArcIMSManagerHelpservlet_connector
acl_attribute_reference.htm> .
Populate the permissions table with the user ID, service names, and
active state. Each record may contain only one service name. The user ID
relates the service to the username and password. You can enter
additional records with the same user ID to associate more than one
service with a particular username and password. The table below shows a
basic configuration of the permissions table.
userid service active expiration tclients ftags roles
1 Map1 1 metadata_browser
1 Map2 1 metadata_browser
1 Map3 1 metadata_browser
2 Map4 0 metadata_publisher
2 Map5 0
3 Map4 1
4 Map5 1
You can optionally fill
|
|
Sponsored by:
For information
regarding
advertising rates
Click Here!
|
