[ome-users] Prevent a user from changing their own password?
Aleksandra Tarkowska
A.Tarkowska at dundee.ac.uk
Fri Oct 25 12:34:18 BST 2013
Dear John
Referring to your question about changing password. I think as long as you keep public user password safe and secure no one should be able to change password. First because changing password require Current password and second you can add
omero config set omero.web.public.url_filter '^/(?!webadmin)'
to make changing user details will prompt login.
If you want to prevent public user from creating/editing/deleting your filter should look like:
omero config set omero.web.public.url_filter '^/(?!webadmin|webclient/action/\w+|webclient/annotate_(file|tags|comment))'
this should do the trick
Kind regards
Ola
On 24 Oct 2013, at 11:27, John Webber (NBI) <John.Webber at nbi.ac.uk<mailto:John.Webber at nbi.ac.uk>> wrote:
All,
Following on from the emails below, I have implemented a Public user, so that we have Omero auto-login for a specified user. Is there, however, a way to prevent this user from creating any content. If we have a site which auto-logins to a particular user, how can we make sure that someone does not create any inappropriate content (by attaching files, or creating new datasets, projects or screens) as this user.
Thanks
John
From: Will Moore [mailto:will at lifesci.dundee.ac.uk<http://lifesci.dundee.ac.uk>]
Sent: 16 October 2013 12:17
To: John Webber (NBI)
Cc: ome-users at lists.openmicroscopy.org.uk<mailto:ome-users at lists.openmicroscopy.org.uk>
Subject: Re: [ome-users] Prevent a user from changing their own password?
Hi John,
Will you be providing this account username and password to external users, to log in with Insight / web?
If so, then I don't know of a way you can currently prevent them changing their password, although others might have some ideas.
In the case where we have "public" user exposed via auto-login through the web framework, the user never gets to know their password or to log in, and we prevent them visiting the webadmin pages via a url filter as described
https://www.openmicroscopy.org/site/support/omero4/developers/Web/PublicData.html
Cheers,
Will.
On 16 Oct 2013, at 11:53, John Webber (NBI) wrote:
Hi all,
We are planning to have an external Omero user account that can be used to view (read-only) images in our Omero instance. Is it possible to lock down this user account within Omero, so that the user is not able to change their own password? We would envisage that a password change should only be done by an administrator – is this something that can be achieved?
Thanks
John
--------------------------------------------------------------------------------------------------------------------------------------------
John Webber
Computing and Information Services
NBI Partnership Ltd
Norwich Research park
Colney Lane
Norwich
NR4 7UH
E-Mail: john.webber at nbi.ac.uk<mailto:john.webber at nbi.ac.uk>
Web: http://www.nbi.ac.uk<http://www.nbi.ac.uk/>
Tel: +44(0)1603 450 818
Helpdesk (Tel): 1234 HPC Support (Web): http://hpc.nbi.ac.uk<http://hpc.nbi.ac.uk/> (NBI internal)
HPC Support (Tel): 2003 (NBI internal)
The NBI Partnership Ltd provides non-scientific services to the Institute of Food Research, the John Innes Centre, The Genome Analysis Centre and The Sainsbury Laboratory
_______________________________________________
ome-users mailing list
ome-users at lists.openmicroscopy.org.uk<mailto:ome-users at lists.openmicroscopy.org.uk>
http://lists.openmicroscopy.org.uk/mailman/listinfo/ome-users
_______________________________________________
ome-users mailing list
ome-users at lists.openmicroscopy.org.uk<mailto:ome-users at lists.openmicroscopy.org.uk>
http://lists.openmicroscopy.org.uk/mailman/listinfo/ome-users
The University of Dundee is a registered Scottish Charity, No: SC015096
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openmicroscopy.org.uk/pipermail/ome-users/attachments/20131025/b0ee45d9/attachment.html>
More information about the ome-users
mailing list