Publishing data using OMERO.web¶
The OMERO.web framework allows raw data to be published using built-in tools or supplied through webservices to external web pages. Selected datasets can be made visible to a ‘public user’ using the standard OMERO permissions system, ensuring you always have control over how users can interact with your data.
There are several ways of publishing data using OMERO.web:
- using a URL to launch the web-based Image viewer, as described in Launching OMERO.web viewer, which can be accompanied by a thumbnail. For more details of how to load the thumbnail see URLs from within OMERO.web
- embedding the image viewport directly into other web pages, for more details see Customizing the content of the embedded OMERO.web viewport
- allowing public access to the OMERO.web data manager
- writing your own app to host your public data (see Creating an app) and then allowing public access to the chosen URL for that app
The sections below describe how to set up these features.
Public user¶
The OMERO.web framework supports auto-login for a single username / password. This means that any public visitors to certain OMERO.web pages will be automatically logged in and will be able to access the data available to the defined ‘public user’.
To set this up on your OMERO.web installation:
Create a group with read-only permissions (the name can be anything e.g. “public-data”). We recommend read-only permissions so that the public user will not be able to modify, delete or annotate data belonging to other members.
Create a member of this group, noting the username and password (you will enter these below). Again, the First Name, Last Name, username and password can be anything you like.
Note
If you add this member to other groups, all data in these groups will also become publicly accessible for as long as this user remains in the group.
Enable the
omero.web.public.enabled
property and setomero.web.public.user
andomero.web.public.password
:$ bin/omero config set omero.web.public.enabled True $ bin/omero config set omero.web.public.user '<username>' $ bin/omero config set omero.web.public.password '<password>'
By default the public user is only allowed to perform GET requests. This means that the public user will not be able to Create, Edit or Delete data which requires POST requests. If you want to allow these actions from the public user, you can change the
omero.web.public.get_only
property:$ bin/omero config set omero.web.public.get_only false
Set the
omero.web.public.url_filter
. This filter is a regular expression that will allow only matching URLs to be accessed by the public user.There are three common use cases for the URL filter:
Enable ‘webgateway’ URLs which includes everything needed for the full image viewer:
$ bin/omero config set omero.web.public.url_filter '^/webgateway'
without the ability to download data:
$ bin/omero config set omero.web.public.url_filter '^/webgateway/(?!archived_files|download_as)'
Then you can access public images via the following link http://your_host/webgateway/img_detail/IMAGE_ID/.
Create your own public pages in a separate app (see create app) and allow public access to that app. For example, to allow only URLs that start with ‘/my_web_public’ you would use:
$ bin/omero config set omero.web.public.url_filter '^/my_web_public'
You can use the full webclient UI for public browsing of images. Attempts by public user to create, edit or delete data will fail silently with the default
omero.web.public.get_only
setting above. You may also choose to disable various dialogs for these actions such as launching scripts or OME-TIFF export, for example:$ bin/omero config set omero.web.public.url_filter '^/(webadmin/myphoto/|webclient/(?!(script_ui|ome_tiff|figure_script))|webgateway/(?!(archived_files|download_as)))'
Set the
omero.web.public.server_id
which the public user will be automatically connected to. Default: 1 (the first server in theomero.web.server_list
)$ bin/omero config set omero.web.public.server_id 1
If you enable public access to the main webclient but still wish registered users to be able to login, the login page can always be accessed using a link of the form https://your_host/webclient/login/.
Reusing OMERO session¶
As an alternative to granting permanent public access to the data, the OMERO.web framework supports password-less, OMERO session key-based authentication. For example a direct link to image will look as follows:
https://your_host/webgateway/img_detail/IMAGE_ID/?server=SERVER_ID&bsession=OMERO_SESSION_KEY
Note
The SERVER_ID should match the index from the list set using
omero.web.server_list
from the server session
you created. If your list contains only one server, the index will be 1.
For more details about how to create an OMERO session see server-side session or use the command line interface to create one.