Public data in OMERO.web ======================== Public user ----------- Since OMERO 4.4, the OMERO.web framework has supported auto-login for a single username / password. This means that any "public" visitors to certain OMERO.web pages will be automatically logged in and will be able to access the data available to the defined 'public user'. Here is how to go about setting this up on your OMERO.web install: - Create a group with read-only permissions (name can be anything e.g. "public-data"). We use read-only permissions so that the public user will not be able to modify, delete or annotate data belonging to other members. - Create a member of this group, noting the username and password (we will enter these below). Again, the First Name, Last Name, username and password can be anything you like. - Enable the :property:`omero.web.public.enabled` and set their :property:`omero.web.public.user` and :property:`omero.web.public.password`: :: $ bin/omero config set omero.web.public.enabled True $ bin/omero config set omero.web.public.user '' $ bin/omero config set omero.web.public.password '' - Set the :property:`omero.web.public.url_filter`. This filter is a regex expression that will only allow matching urls to be accessed by the public user. There are three common use cases for the url filter: - Enable 'webgateway' urls which include everything needed for the full image viewer: :: $ bin/omero config set omero.web.public.url_filter '/webgateway' Then you can access public images via the following link `\http://your_host/webgateway/img_detail/IMAGE_ID/`. - Create your own public pages in a separate app (see :doc:`create app `) and allow public access to that app. For example, to allow only URLs that start with '/my_web_public' you would use: :: $ bin/omero config set omero.web.public.url_filter '/my_web_public' - You can use the full webclient UI for public browsing of images. However, the webclient UI was not designed for public use and allows various actions that create data or are resource intensive. These can be selectively disabled using the following command: :: $ bin/omero config set omero.web.public.url_filter '^/(?!webadmin|webclient/(action|logout|annotate_(file|tags|comment|rating|map)|script_ui|ome_tiff|figure_script)|webgateway/(archived_files|download_as))' - Set the :property:`omero.web.public.server_id` public user will be automatically connected to. Default: 1 (the first server in :property:`omero.web.server_list`) :: $ bin/omero config set omero.web.public.server_id 1 If you wish to mix public and restricted access to the system, the user can always access the login page using the following link `\http://your_host/webclient/login/`. Reusing OMERO session --------------------- Since OMERO 4.4, the OMERO.web framework has supported password-less, OMERO session key-based authentication. For example a direct link to image will look as follows: :: https://your_host/webgateway/img_detail/IMAGE_ID/?server=SERVER_ID&bsession=OMERO_SESSION_KEY .. note:: SERVER_ID should match the index from the list set using :property:`omero.web.server_list` from the server session you created. If your list contains only one server the index will be 1. For more details about how to create an OMERO session see :doc:`server-side session ` or use :doc:`command line interface ` to create one.