Chapter 1: Introduction & Quick Start
In the most simple case the architecture of the 52°North Security System is quite simple:
You just have to deploy and configure the Web Security Service (WSS) that...
The WSS service is delivered as a zipped web archive file ('war') to be easily deployed in a Servlet container.
The easiest way to deploy a web application is to unzip the downloaded file and save wss.war to <TOMCAT_HOME>/webapps.
This section guides you through the steps to test the newly installed WSS with as few modifications needed as possible, making use of pre-defined services, users and policies.
When you downloaded and installed the WSS it is pre-configured to protect the Demis WMS. The URL of the protected service is http://localhost:8080/wss/service/wms_demis/httpauth (adjust host, port, and context name if necessary). It can be connected and loaded like any other WMS, but requires HTTP Basic Authentication.
The installation comes with three user accounts and defines the following access policies:
As the WSS base URL is a part of the policies, you most likely have to replace the default URL http://localhost:8080/wss with your actual WSS URL in the policies. If your actual WSS base URL matches the default URL you don't need to replace the URLs!
To do so, follow these steps:
To test the installation let us request the capabilities of the protected service using Bob's account.
In a browser open http://localhost:8080/wss/service/wms_demis/httpauth?SERVICE=WMS&REQUEST=GetCapabilities (adjust host, port, and path if necessary).
If you are requested for username/password, enter bob / bob.
You will receive a capabilities document that only contains the layers, Bob is allowed to see.
If you'd like to request the capabilites with a different user account (alice or guest) you have to restart the browser in order to invalidate Bob's cached credentials.
To load the protected service into uDig
You are now able to navigate the map as with any other WMS. If you use the info button to identify the features, you can only get information for the Countries layers -- according to the permissions.