Note
This documentation is for the new OMERO 5.1. version. See the latest OMERO 5.0.x version or the previous versions page to find documentation for the OMERO version you are using if you have not upgraded yet.
Since OMERO 4.4, the OMERO.web framework has supported auto-login for a single username / password. This means that any “public” visitors to certain OMERO.web pages will be automatically logged in and will be able to access the data available to the defined ‘public user’.
Here is how to go about setting this up on your OMERO.web install:
Create a group with read-only permissions (name can be anything e.g. “public-data”). We use read-only permissions so that the public user will not be able to modify, delete or annotate data belonging to other members.
Create a member of this group, noting the username and password (we will enter these below). Again, the First Name, Last Name, username and password can be anything you like.
Enable the omero.web.public.enabled and set their omero.web.public.user and omero.web.public.password:
$ bin/omero config set omero.web.public.enabled True
$ bin/omero config set omero.web.public.user '<username>'
$ bin/omero config set omero.web.public.password '<password>'
Set the omero.web.public.url_filter. This filter is a regex expression that will only allow matching urls to be accessed by the public user.
There are three common use cases for the url filter:
Enable ‘webgateway’ urls which include everything needed for the full image viewer:
$ bin/omero config set omero.web.public.url_filter '/webgateway'
Then you can access public images via the following link http://your_host/webgateway/img_detail/IMAGE_ID/.
Create your own public pages in a separate app (see create app) and allow public access to that app. For example, to allow only URLs that start with ‘/my_web_public’ you would use:
$ bin/omero config set omero.web.public.url_filter '/my_web_public'
You can use the full webclient UI for public browsing of images. However, the webclient UI was not designed for public use and allows various actions that create data or are resource intensive. These can be selectively disabled using the following command:
$ bin/omero config set omero.web.public.url_filter '^/(?!webadmin|webclient/(action|logout|annotate_(file|tags|comment|rating|map)|script_ui|ome_tiff|figure_script)|webgateway/(archived_files|download_as))'
Set the omero.web.public.server_id public user will be automatically connected to. Default: 1 (the first server in omero.web.server_list)
$ bin/omero config set omero.web.public.server_id 1
If you wish to mix public and restricted access to the system, the user can always access the login page using the following link http://your_host/webclient/login/.
Since OMERO 4.4, the OMERO.web framework has supported password-less, OMERO session key-based authentication. For example a direct link to image will look as follows:
https://your_host/webgateway/img_detail/IMAGE_ID/?server=SERVER_ID&bsession=OMERO_SESSION_KEY
Note
SERVER_ID should match the index from the list set using omero.web.server_list from the server session you created. If your list contains only one server the index will be 1.
For more details about how to create an OMERO session see server-side session or use command line interface to create one.