APOLLO & ECW/JP2 Discussions

Wondering how others have configured their ERDAS APOLLO server or what data they are crawling? The ERDAS APOLLO Discussion board is a place to find information, share ideas and more. Join the community, connect, contribute and share.
Showing results for 
Search instead for 
Do you mean 
Reply
Highlighted
Contributor
Posts: 45
Registered: ‎05-11-2017

Apollo Essentials Advanced security

Hi all,

 

Is there anyone who used Advanced security option for services in Apollo Core Consloe?

 

Is there any descriprion how to set up Advanced security and limit access to services to users with passwords.

 

I have seen only this

https://hexagongeospatial.fluidtopics.net/reader/7G7I~2KVfVH5Nn48PjXJjg/~Ykt8H4XYuKriPM51ZtbyQ

in documentation, but it is not clear completely.

 

Best regards,

Micko

Highlighted
Staff
Posts: 136
Registered: ‎05-31-2016

Re: Apollo Essentials Advanced security

[ Edited ]

It is fairly simple, just start by pointing your Apollo Core server to a simple service (I think last time I used ASP.NET with C#) with a debugger attached and you will soon see how it works.

Your service just needs to be able to read the xml document sent from Apollo Core and determine if the user is authorized (you can use whatever method you want to determine if the user is authorized) and respond with an xml document that allows Apollo Core to decide if the user is Authorized.

The xml document details are in the link in your question, this should be all you need to figure it out.

 

E.G. this might be sent to your service

<IWSAuthRequest version="2.0">

<userid>John</userid>

<token>fgh4e67</token>

<ipaddress>192.100.22.98</ipaddress>

<wms name="sample" servicename="SERVICE_NAME" />

</IWSAuthRequest>

 

And if it is authorized your service would respond to Apollo with

<IWSAuthResponse status="allow" version="2.0">

    <wms name="sample" />
</IWSAuthResponse>

 

or unauthorized

<IWSAuthResponse status="unauthorized" version="2.0">

<wms name="sample" />
</IWSAuthResponse>

 

or forbidden

<IWSAuthResponse status="forbidden" version="2.0">

<wms name="sample" />
</IWSAuthResponse>

 

 

If you have Apollo Advantage/Professional you can see the IWSAuthRequest and IWSAuthResponse xml in the log when the logging level is set to Debug

Highlighted
Contributor
Posts: 45
Registered: ‎05-11-2017

Re: Apollo Essentials Advanced security

Dear phudson,

 

Thanks for your reply.

 

I have Apollo Core console with created service, and I want secure service with username and pasword (for several users).

I am not expirianced ERDAS Apollo user, and I am not sure how to implement this from your message.

 

In Core consloe for every single service, there is security part. If I chose Advanced Security, I am not sure what is next step.

There is some example in help, included with Apollo instalation, that uses an ASP page and an Access Database, but I do not know what I should to do to implement it.

 

I have problem with first step. What I should type as Authentication URL?

 

Regards,

Micko

Highlighted
Staff
Posts: 136
Registered: ‎05-31-2016

Re: Apollo Essentials Advanced security

[ Edited ]

The authentication URL needs to point to the service that YOU create. So this would be your ASP page that takes the XML from Apollo and returns XML to Apollo that will either allow or deny access.

Captureexp.JPG

 

Capturecore.JPG

 

The Access sample can be difficult to set up unless you have a 64 bit version of Access

 

.

I would start with something simple.

I hope this explains what is going on

 

<%@ Page Language="C#" %>
<% 
    Dictionary<string, string> users = new Dictionary<string, string>()
    {
       {"john", "fgh4e67"},
       {"phil", "password"}
    };

    string responseStatus = "unauthorized";
    
System.Xml.XmlDocument doc = new System.Xml.XmlDocument(); string body = new System.IO.StreamReader(Request.InputStream).ReadToEnd(); doc.LoadXml(body); //IWSAuthRequest from Apollo Core string username = doc.SelectSingleNode("//userid").InnerText.Trim(); string password = doc.SelectSingleNode("//token").InnerText.Trim(); if (!username.Equals("")) //validate user and password if supplied { string userPassword = ""; if(users.TryGetValue(username, out userPassword)) { responseStatus = (userPassword.Equals(password))?"allow":"unauthorized"; } } //send IWSAuthResponse to Apollo Core string responseXml = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>" + "<IWSAuthResponse status=\"" + responseStatus + "\" version=\"2.0\">" + "</IWSAuthResponse>"; Response.ContentType = "text/xml"; Response.Write(responseXml); return; %>

Once you have the debugger attached you should be able to step through the code see how it all works.