Since OMERO 4.4, the OMERO.web framework has supported auto-login for a single username / password. This means that any “public” visitors to certain OMERO.web pages will be automatically logged in and will be able to access the data available to the defined ‘public user’.
Here is how to go about setting this up on your OMERO.web install:
Create a group with read-only permissions (name can be anything e.g. “public-data”). We use read-only permissions so that the public user will not be able to modify, delete or annotate data belonging to other members.
Create a member of this group, noting the username and password (we will enter these below). Again, the First Name, Last Name, username and password can be anything you like.
Enable the public user and set their username and password:
$ bin/omero config set omero.web.public.enabled True
$ bin/omero config set omero.web.public.user '<username>'
$ bin/omero config set omero.web.public.password '<password>'
Set a URL filter for which the OMERO.web public user is allowed to navigate. Default: ‘^/(?!webadmin)’ (Python reqular expression). You probably do not want the whole webclient UI to be publicly visible (although you could do this).
The idea is that you can create the public pages yourself since we do not provide them. For example, to allow only URLs that start with ‘/my_web_public’ you would use:
$ bin/omero config set omero.web.public.url_filter '/my_web_public'
To enable public access to view images in a public group in the webclient while still preventing data manipulation, use the following command:
$ bin/omero config set omero.web.public.url_filter '^/(?!webadmin|webclient/action/\w+|webclient/annotate_(file|tags|comment))'
If you simply want to enable the image viewer, making sure all data stays secure you would use:
$ bin/omero config set omero.web.public.url_filter '/webgateway'
Then you can access public images via the following link http://your_host/webgateway/img_detail/IMAGE_ID/. Please remember that public images must be in a public group where public user can access them.
Exotic matching techniques can be used but more explicit regular expressions are needed when attempting to filter based on a base URL:
'webtest' matches '/webtest' but also '/webclient/webtest'
'dataset' matches '/webtest/dataset' and also '/webclient/dataset'
'/webtest' matches '/webtest…' but also '/webclient/webtest'
'/webtest' matches '/webtest…' but not '/webclient/webtest'
Set a server to connect to. Default: 1 (the first server in omero.web.server_list)
$ bin/omero config set omero.web.public.server_id 1
If you wish to mix public and restricted access to the system, the user can always access the login page using the following link http://your_host/webclient/login/.