[InterMine Dev] set limited permission to user account

Justin Clark-Casey jc955 at cam.ac.uk
Fri Aug 7 15:48:01 BST 2015


Hi Pengcheng.  I'm afraid I'm not very familiar with JBrowse yet, though 
as it happens I need to look at it pretty soon to work out why it 
stopped working properly on http://synbiomine.org (the mine I work on).

However, I believe the mechanism (as you may have already seen) is that 
InterMine passes a service URL to the JBrowse installation which it then 
uses to get the data from an InterMine web service.  I'm guessing it's 
this last part that's failing now you've put in the login requirement.

I'm afraid I don't know at the moment how you would let JBrowse bypass 
this J2EE mechanism.

On 06/08/15 01:53, Pengcheng Yang wrote:
> Hi Justin,
>
> Thank you for your help. Another question derived from this implementation.
>
> After implement this function. It is required to login. However, it also
> prevent the JBrowse to acquire the content of the Mine. The embedded
> JBrowse also don't work. Is there a method to let JBrowse skip the login
> page?
>
> Best,
> Pengcheng Yang
>
>
> On 2015/8/6 7:23, Pengcheng Yang wrote:
>>
>> Hi Justin,
>>
>> Thank you for your help. It has been done follow your suggestion.
>>
>> Best,
>> Pengcheng Yang
>>
>>
>> On 2015/8/5 23:13, Justin Clark-Casey wrote:
>>> Hi Pengcheng,
>>>
>>> Perhaps change
>>>
>>> intermine/webapp/main/resources/webapp/WEB-INF/web.xml
>>>
>>> and add your login2.jsp to
>>>
>>> intermine/webapp/main/resources/webapp/login2.jsp
>>>
>>> before rebuilding the webapp?
>>>
>>> -- Justin
>>>
>>> On 05/08/15 01:01, Pengcheng Yang wrote:
>>>> Hi,
>>>>
>>>> Currently I implement this through [1], however, I found I have to redo
>>>> this after every time I redeploy the Mine Project. Is there any way to
>>>> embed this two scripts into the Mine before deploying.
>>>>
>>>> Thanks for any suggestions!
>>>>
>>>> Best,
>>>> Pengcheng Yang
>>>>
>>>>
>>>> [1] implement the user permission limitation
>>>>
>>>> after every time redeploy the database
>>>>
>>>> ###############################
>>>>
>>>> ##add the following line to
>>>> apache-tomcat/webapps/PROJECT/WEB-INF/web.xml in the
>>>>
>>>> ###############################
>>>>
>>>> <security-constraint>
>>>>
>>>> <web-resource-collection>
>>>>
>>>> <display-name>Example Security Constraint</display-name>
>>>>
>>>> <web-resource-name>My Test</web-resource-name>
>>>>
>>>> <url-pattern>/*</url-pattern>
>>>>
>>>> </web-resource-collection>
>>>>
>>>> <auth-constraint>
>>>>
>>>> <role-name>tomcat</role-name>
>>>>
>>>> </auth-constraint>
>>>>
>>>> </security-constraint>
>>>>
>>>> <login-config>
>>>>
>>>> <auth-method>FORM</auth-method>
>>>>
>>>> <realm-name>Example Form-Based Authentication Area</realm-name>
>>>>
>>>> <form-login-config>
>>>>
>>>> <form-login-page>/login2.jsp</form-login-page>
>>>>
>>>> <form-error-page>/error2.jsp</form-error-page>
>>>>
>>>> </form-login-config>
>>>>
>>>> </login-config>
>>>>
>>>> ####################
>>>>
>>>> ##the file apache-tomcat/webapps/PROJECT/login2.jsp
>>>>
>>>> ###################
>>>>
>>>> <%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" %>
>>>>
>>>> <%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt" %>
>>>>
>>>> <%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn" %>
>>>>
>>>> <%@ taglib uri="/WEB-INF/struts-html.tld" prefix="html" %>
>>>>
>>>> <%@ taglib tagdir="/WEB-INF/tags" prefix="im"%>
>>>>
>>>> <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
>>>>
>>>> <!-- login.jsp -->
>>>>
>>>> <html:xhtml/>
>>>>
>>>> <form method="POST" action='<%=
>>>> response.encodeURL("j_security_check") %>' >
>>>>
>>>> <table border="0" cellspacing="5">
>>>>
>>>> <tr>
>>>>
>>>> <th align="right">Username:</th>
>>>>
>>>> <td align="left"><input type="text" name="j_username"></td>
>>>>
>>>> </tr>
>>>>
>>>> <tr>
>>>>
>>>> <th align="right">Password:</th>
>>>>
>>>> <td align="left"><input type="password" name="j_password"></td>
>>>>
>>>> </tr>
>>>>
>>>> <tr>
>>>>
>>>> <td align="right"><input type="submit" value="Log In"></td>
>>>>
>>>> <td align="left"><input type="reset"></td>
>>>>
>>>> </tr>
>>>>
>>>> </table>
>>>>
>>>> </form>
>>>>
>>>>
>>>> ======================================
>>>>
>>>>
>>>>
>>>> On 2015/7/23 16:16, Pengcheng Yang wrote:
>>>>> Hi,
>>>>>
>>>>> I have implemented the function using the role-name and the
>>>>> url-pattern, following the [1,2,3] direction.
>>>>>
>>>>>
>>>>> http://stackoverflow.com/questions/1089600/tomcat-security-constraint-for-valid-user
>>>>>
>>>>>
>>>>> http://stackoverflow.com/questions/11382159/tomcat-7-form-based-authentification
>>>>>
>>>>>
>>>>> https://tomcat.apache.org/tomcat-7.0-doc/realm-howto.html
>>>>>
>>>>> Is this feature possible be integrated into InterMine in the future?
>>>>>
>>>>> Best,
>>>>> Pengcheng Yang
>>>>>
>>>>>
>>>>> On 2015/7/23 9:13, Pengcheng Yang wrote:
>>>>>> Hi,
>>>>>>
>>>>>> The solution here:
>>>>>> https://tomcat.apache.org/tomcat-7.0-doc/realm-howto.html
>>>>>>
>>>>>> Has anyone configured through Tomcat Realm to manage user
>>>>>> authentication? Is it possible to implement this feature on
>>>>>> InterMine?
>>>>>>
>>>>>> Thanks a lot!
>>>>>>
>>>>>> Best,
>>>>>> Pengcheng Yang
>>>>>>
>>>>>> On 2015/7/22 21:06, Pengcheng Yang wrote:
>>>>>>> Dear InterMine developers,
>>>>>>>
>>>>>>> I want to set the authority to users with limited permission to
>>>>>>> visit specific data set. Two years ago, the same question has been
>>>>>>> initialized at:
>>>>>>> http://gmod.827538.n3.nabble.com/user-accounts-pages-td4036801.html.
>>>>>>> However, it seems that this function has not yet been implemented.
>>>>>>>
>>>>>>> I found it can be implemented through the
>>>>>>> apache-tomcat-7.0.63/webapps/mine/WEB-INF/web.xml file. Has anyone
>>>>>>> implemented this function?
>>>>>>>
>>>>>>> Best,
>>>>>>> Pengcheng Yang
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> dev mailing list
>>>>>>> dev at intermine.org
>>>>>>> http://mail.intermine.org/cgi-bin/mailman/listinfo/dev
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> dev mailing list
>>>>>> dev at intermine.org
>>>>>> http://mail.intermine.org/cgi-bin/mailman/listinfo/dev
>>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> dev mailing list
>>>> dev at intermine.org
>>>> http://mail.intermine.org/cgi-bin/mailman/listinfo/dev
>>>>
>>>
>>> _______________________________________________
>>> dev mailing list
>>> dev at intermine.org
>>> http://mail.intermine.org/cgi-bin/mailman/listinfo/dev
>>>
>>
>>
>>
>> _______________________________________________
>> dev mailing list
>> dev at intermine.org
>> http://mail.intermine.org/cgi-bin/mailman/listinfo/dev
>>
>
>



More information about the dev mailing list