Cuurently all .gif and .jpg URLs served by a TDS are not applied any security, because of the "authenticationNOtRequiredPattern" value of the "authenticationFilter" in web.xml. The list of open URLs patterns should be changed to include ONLY those images that are part of the THREDDS distribution, namely:
Cuurently all .gif and .jpg URLs served by a TDS are not applied any security, because of the "authenticationNOtRequiredPattern" value of the "authenticationFilter" in web.xml. The list of open URLs patterns should be changed to include ONLY those images that are part of the THREDDS distribution, namely: