The OMERO.web framework allows raw data to be published using built-in tools or supplied through webservices to external web pages. Selected datasets can be made visible to a ‘public user’ using the standard OMERO permissions system, ensuring you always have control over how users can interact with your data.
There are several ways of publishing data using OMERO.web:
The sections below describe how to set up these features.
The OMERO.web framework supports auto-login for a single username / password. This means that any public visitors to certain OMERO.web pages will be automatically logged in and will be able to access the data available to the defined ‘public user’.
To set this up on your OMERO.web installation:
Create a group with read-only permissions (the name can be anything e.g. “public-data”). We recommend read-only permissions so that the public user will not be able to modify, delete or annotate data belonging to other members.
Create a member of this group, noting the username and password (you will enter these below). Again, the First Name, Last Name, username and password can be anything you like.
Note
If you add this member to other groups, all data in these groups will also become publicly accessible for as long as this user remains in the group.
Enable the omero.web.public.enabled property and set omero.web.public.user and omero.web.public.password:
$ bin/omero config set omero.web.public.enabled True
$ bin/omero config set omero.web.public.user '<username>'
$ bin/omero config set omero.web.public.password '<password>'
By default the public user is only allowed to perform GET requests. This means that the public user will not be able to Create, Edit or Delete data which requires POST requests. If you want to allow these actions from the public user, you can change the omero.web.public.get_only property:
$ bin/omero config set omero.web.public.get_only false
Set the omero.web.public.url_filter. This filter is a regular expression that will allow only matching URLs to be accessed by the public user.
There are three common use cases for the URL filter:
Enable ‘webgateway’ URLs which includes everything needed for the full image viewer:
$ bin/omero config set omero.web.public.url_filter '^/webgateway'
without the ability to download data:
$ bin/omero config set omero.web.public.url_filter '^/webgateway/(?!archived_files|download_as)'
Then you can access public images via the following link http://your_host/webgateway/img_detail/IMAGE_ID/.
Create your own public pages in a separate app (see create app) and allow public access to that app. For example, to allow only URLs that start with ‘/my_web_public’ you would use:
$ bin/omero config set omero.web.public.url_filter '^/my_web_public'
You can use the full webclient UI for public browsing of images. Attempts by public user to create, edit or delete data will fail silently with the default omero.web.public.get_only setting above. You may also choose to disable various dialogs for these actions such as launching scripts or OME-TIFF export, for example:
$ bin/omero config set omero.web.public.url_filter '^/(webadmin/myphoto/|webclient/(?!(script_ui|ome_tiff|figure_script))|webgateway/(?!(archived_files|download_as)))'
Set the omero.web.public.server_id which the public user will be automatically connected to. Default: 1 (the first server in the omero.web.server_list)
$ bin/omero config set omero.web.public.server_id 1
If you enable public access to the main webclient but still wish registered users to be able to login, the login page can always be accessed using a link of the form https://your_host/webclient/login/.
As an alternative to granting permanent public access to the data, the OMERO.web framework supports password-less, OMERO session key-based authentication. For example a direct link to image will look as follows:
https://your_host/webgateway/img_detail/IMAGE_ID/?server=SERVER_ID&bsession=OMERO_SESSION_KEY
Note
The SERVER_ID should match the index from the list set using omero.web.server_list from the server session you created. If your list contains only one server, the index will be 1.
For more details about how to create an OMERO session see server-side session or use the command line interface to create one.