GDS Web Page Security
Middle East & Asia Globe
Blue Marble
Plot data geographically

Goto: Documentation Home

A GDS server implements security in order to protect the underlying data. This security can be applied at several levels in order to protect reports, or parts of the GNAP protocol itself.

Protecting Individual Pages

Single Web Pages can be protected using the <fieldpine:auth> tag in the HTML source code. When this tag is encountered the render engine verifies that the security requirement listed is true before continuing to render the HTML document.

<fieldpine:auth type="NTLM">

Enabling Security Options on Domains

By default, domains are only enabled to use BASIC auth. When a security authorization is required, GDS sends a HTTP unauth response, listing "basic" as the acceptable response. You can control the security authorization techniques on a domain by domain basis.

Each domain to be protected has a line added into globaldata.ctl control file, listing the security options for that domain.

hostopt:www.fieldpine.com=auth=NTLM,BASIC

The following auth types are currently defined:

Enabling NTLM, Step by Step instructions

The following checklist/example illustrates how NTLM security can be placed on a single web page, so that only Active Directory logged in and identified users can access the page. This example is intended as a guide and may not show all the steps required for every configuration.

  1. Edit globaldata.ctl and insert the following line (inserting the domain name as required)
    hostopt:www.mydomain.com=auth=NTLM
    

  2. Restart GDS in order to detect the security change above.

  3. Edit the HTML document and insert the following tag on a line by itself, near the top of the HTML source document.
    <fieldpine:auth type="NTLM">
    

  4. Attempt to browse the web page (using Microsoft Internet Explorer or other browser that supports NTLM), if you are logged in via Active Directory, access should be granted, otherwise your request should be denied or display a login dialog.