cpiker
commented
4 years ago So das2 servers use HTTP basic authentication.
There is an API in das2C where an authentication credentials manager object pointer DasCredMngr* can be given to the dataset requester. If the request fails with an HTTP 401 error, the auth manager is asked for the base64 hash that goes with that server and that data source.
There is a built in Auth manager object supplied with das2C that prompts for a password on the command line but that's probably not suitable. It can store the response in a key file in the users $HOME (or %USERPROFILE%) directory, but this is not encrypted.
Probably some sort of callback into SPEDAS is needed to get authentication tokens. The callback would be supplied with the flowing information that it can either display to the end user or use for a stored key lookup:
- Server URL (ex: https://zeus.physics.uiowa.edu/das/server)
- Data source name (ex: Juno/WAV/Survey)
- HTTP Auth Realm (ex: Juno Magnetospheric Working Group)
- Server identification PNG image (can be bitmap if desired).
Items 1-3 could be used to access the SPEDAS keystore to get the hash. If no hash is present for the given DB keys, SPEDAS could prompt the user. No matter how it got it, the callback would need to supply a HTTP Basic Auth hash (i.e. base64('user:password')).
So how does SPEDAS handle current non-das2 data sources that are password protected?
SPEDAS team would like to acquire Juno data using das2dlm. However, some of the repositories are protected by password, for example: http://jupiter.physics.uiowa.edu/das/server?server=dataset&dataset=Juno/JED/ProtonSpectra&start_time=2016-242&end_time=2016-243&ascii=1
It would be great to add HTTP authorization feature.