Public access with no logins for one user group
476 views
Skip to first unread message
Andrew T
Oct 4, 2011, 6:35:27 AM10/4/11
to ResourceSpace
Howdy All,
I am almost finish a RS build that will be IP protected. That is only
an IP range will be able to access the server. I want to be able to
offer access without the use of a login and pass. Simply go to the
front page or (any internal page) and navigate to the collections
assigned without a login or pass
Main points are
- Public access for a set usergroup (from one IP address)
- Still have some users login for pass protected material and editing
rights (this is fine I can sort this)
- Have no login screen for the guest group
Have searched on the groups but all the steps don’t seem to quite do
this although it seems the $anonymous_login="guest"; option seems to
be on the path? I just can’t seem to find clear steps to make it work
or amend so there is no login screen.
Version of RS being used is: 3.8.2144
Apache Server
If someone can point me in the right direction so I can sort the
defined steps in the group here for future users.
Thanks all
Andrew
I am almost finish a RS build that will be IP protected. That is only
an IP range will be able to access the server. I want to be able to
offer access without the use of a login and pass. Simply go to the
front page or (any internal page) and navigate to the collections
assigned without a login or pass
Main points are
- Public access for a set usergroup (from one IP address)
- Still have some users login for pass protected material and editing
rights (this is fine I can sort this)
- Have no login screen for the guest group
Have searched on the groups but all the steps don’t seem to quite do
this although it seems the $anonymous_login="guest"; option seems to
be on the path? I just can’t seem to find clear steps to make it work
or amend so there is no login screen.
Version of RS being used is: 3.8.2144
Apache Server
If someone can point me in the right direction so I can sort the
defined steps in the group here for future users.
Thanks all
Andrew
Andrew T
Oct 13, 2011, 9:16:22 PM10/13/11
to ResourceSpace
Hi All,
Does anyone have any thoughts on this?
Cheers
Andrew
Does anyone have any thoughts on this?
Cheers
Andrew
JohnBB
Oct 16, 2011, 11:57:10 AM10/16/11
to ResourceSpace
Hi Andrew
Can I just clarify...
Is this running on a dedicated server / virtual server (ie can you use
a firewall or Apache settings to restrict access to this IP address)?
Are your edit users on the same IP (ie do you need an optional login
page)?
How will your users select language or themes (ie the other options on
the current login page).
I do not think there is an 'out of the box' solution for this, you
will need to tweak the login process, but if you can use Apache or a
firewall to restrict access you may be able to use the guest login to
do the rest.
Regards
John
Can I just clarify...
Is this running on a dedicated server / virtual server (ie can you use
a firewall or Apache settings to restrict access to this IP address)?
Are your edit users on the same IP (ie do you need an optional login
page)?
How will your users select language or themes (ie the other options on
the current login page).
I do not think there is an 'out of the box' solution for this, you
will need to tweak the login process, but if you can use Apache or a
firewall to restrict access you may be able to use the guest login to
do the rest.
Regards
John
Andrew T
Oct 17, 2011, 6:10:45 AM10/17/11
to ResourceSpace
Hi John,
Thanks so much for the reply. Ok..
1. This is on a shared server at dreamhost.com and is working well
there. (not heavy usage)
2. I can IP restrict via .htaccess . I have this setup already and
working. I can restrict logins from an IP range too.
3. All my logins will come from a select ip range only.
4. Users will not be able to select language or themes. All fixed and
not optional.
The guest or general user will have little permissions apart from view
a range of open public folders. The main point really is though not to
have a login page.
I am open to the guest login if that works this way.
A few e.g scenarios of use would be:
1. The admin sends an email with a link to a video or image range to
the network (IP range). User click on the link and does not need to
login.
2. User can go to site front page and simply click on a home panel or
nav item open to the public without logging in
3. A page on an intranet might have links to a few important files
that can be downloaded from RS. Would like the click through to be
seamless with no login.
Does this give enough info? Does the guest login sound the way
forward? If so very keen to see the steps for this.
Cheers
Andrew
Thanks so much for the reply. Ok..
1. This is on a shared server at dreamhost.com and is working well
there. (not heavy usage)
2. I can IP restrict via .htaccess . I have this setup already and
working. I can restrict logins from an IP range too.
3. All my logins will come from a select ip range only.
4. Users will not be able to select language or themes. All fixed and
not optional.
The guest or general user will have little permissions apart from view
a range of open public folders. The main point really is though not to
have a login page.
I am open to the guest login if that works this way.
A few e.g scenarios of use would be:
1. The admin sends an email with a link to a video or image range to
the network (IP range). User click on the link and does not need to
login.
2. User can go to site front page and simply click on a home panel or
nav item open to the public without logging in
3. A page on an intranet might have links to a few important files
that can be downloaded from RS. Would like the click through to be
seamless with no login.
Does this give enough info? Does the guest login sound the way
forward? If so very keen to see the steps for this.
Cheers
Andrew
JohnBB
Oct 22, 2011, 6:49:32 AM10/22/11
to ResourceSpace
Hi Andrew
Thanks for prompting me on this one - you might have noticed a
subsequent thread I started because I couldn't remember this post and
Google Groups is sadly lacking in reminders.
Your problem: You want to bypass the login screen.
There is no way to do this 'out of the box', you will need to write
some custom code for it.
When you start up RS, it checks if you have a cookie set and will take
you to the login screen for your password. The only way to avoid this
is to change the logic in 'authenticate.php' to transparently generate
a session cookie and write this to the browser, instead of going
straight to login. It is this session cookie which tells the rest of
RS that you are logged in.
For those people who need to log in, you should be able to go directly
to login.php which I think will write the session cookie and let you
in as an administrator (or whatever level is set).
You might want to hide the logout button for your anonymous users, or
change it to a login button.
These changes are fairly easy, if you have any PHP experience within
your organisation. I do not know if anybody else is currently looking
at this - doubtless they will let us know.
Regards
John
On Oct 17, 11:10 am, Andrew T <and...@purewasabi.com.au> wrote:
> Hi John,
>
> Thanks so much for the reply. Ok..
>
> 1. This is on a shared server at dreamhost.com and is working well
> there. (not heavy usage)
> 2. I can IP restrict via .htaccess . I have this setup already and
> working. I can restrictloginsfrom an IP range too.
> 3. All myloginswill come from a select ip range only.
> a range of openpublicfolders. The main point really is though not to
> login.
> 2.Usercan go to site front page and simply click on a home panel or
> nav item open to thepublicwithout logging in
Thanks for prompting me on this one - you might have noticed a
subsequent thread I started because I couldn't remember this post and
Google Groups is sadly lacking in reminders.
Your problem: You want to bypass the login screen.
There is no way to do this 'out of the box', you will need to write
some custom code for it.
When you start up RS, it checks if you have a cookie set and will take
you to the login screen for your password. The only way to avoid this
is to change the logic in 'authenticate.php' to transparently generate
a session cookie and write this to the browser, instead of going
straight to login. It is this session cookie which tells the rest of
RS that you are logged in.
For those people who need to log in, you should be able to go directly
to login.php which I think will write the session cookie and let you
in as an administrator (or whatever level is set).
You might want to hide the logout button for your anonymous users, or
change it to a login button.
These changes are fairly easy, if you have any PHP experience within
your organisation. I do not know if anybody else is currently looking
at this - doubtless they will let us know.
Regards
John
On Oct 17, 11:10 am, Andrew T <and...@purewasabi.com.au> wrote:
> Hi John,
>
> Thanks so much for the reply. Ok..
>
> 1. This is on a shared server at dreamhost.com and is working well
> there. (not heavy usage)
> 2. I can IP restrict via .htaccess . I have this setup already and
> 3. All myloginswill come from a select ip range only.
> 4. Users will not be able to select language or themes. All fixed and
> not optional.
>
> The guest or generaluserwill have little permissions apart from view
> not optional.
>
> a range of openpublicfolders. The main point really is though not to
> have a login page.
>
> I am open to the guest login if that works this way.
>
> A few e.g scenarios of use would be:
> 1. The admin sends an email with a link to a video or image range to
> the network (IP range).Userclick on the link and does not need to
>
> I am open to the guest login if that works this way.
>
> A few e.g scenarios of use would be:
> 1. The admin sends an email with a link to a video or image range to
> login.
> 2.Usercan go to site front page and simply click on a home panel or
> nav item open to thepublicwithout logging in
mir
Oct 25, 2011, 9:59:59 AM10/25/11
to ResourceSpace
Hello all,
We are definitely looking for this, as we intend to set up a public
image bank (where the guest user has access to a subset of resources
-- a different issue). These guys are doing it here: https://collage.syr.edu/.
We do have some funds if needed to implement this feature. What would
be the best way to get this done?
regards,
mir
> Thanks for prompting me on thisone- you might have noticed a
We are definitely looking for this, as we intend to set up a public
image bank (where the guest user has access to a subset of resources
-- a different issue). These guys are doing it here: https://collage.syr.edu/.
We do have some funds if needed to implement this feature. What would
be the best way to get this done?
regards,
mir
> Thanks for prompting me on thisone- you might have noticed a
> subsequent thread I started because I couldn't remember this post and
> Google Groups is sadly lacking in reminders.
>
> Your problem: You want to bypass the login screen.
>
> There isnoway to do this 'out of the box', you will need to write
> Google Groups is sadly lacking in reminders.
>
> Your problem: You want to bypass the login screen.
>
JohnBB
Oct 25, 2011, 4:49:17 PM10/25/11
to ResourceSpace
Hi Mir
I believe in the direct approach - I have dropped a note to Syracuse
to see if they will share the changes they have made - if so, we
should be able to create a plugin or at least some sample code to show
how it is done.
If we don't get anything back from them, I'll have a look myself.
It's not hard to create a new front end to RS, but if we can get one
that's already tested it will be a lot easier.
Regards
John
I believe in the direct approach - I have dropped a note to Syracuse
to see if they will share the changes they have made - if so, we
should be able to create a plugin or at least some sample code to show
how it is done.
If we don't get anything back from them, I'll have a look myself.
It's not hard to create a new front end to RS, but if we can get one
that's already tested it will be a lot easier.
Regards
John
Tom Gleason
Oct 25, 2011, 5:50:13 PM10/25/11
to resour...@googlegroups.com
Hi Andrew,
This was already recently addressed in this thread:
http://groups.google.com/group/resourcespace/browse_frm/thread/32aef7c1ae654e53/5cd550e88deea1a4?lnk=gst&q=ResourceSpace+-+Open+access#5cd550e88deea1a4
You just need to make sure there is a user called "guest" and they are in the group with the permissions you want for anonymous login. No need for custom development.
--
Tom Gleason
ResourceSpace Developer
This was already recently addressed in this thread:
http://groups.google.com/group/resourcespace/browse_frm/thread/32aef7c1ae654e53/5cd550e88deea1a4?lnk=gst&q=ResourceSpace+-+Open+access#5cd550e88deea1a4
You just need to make sure there is a user called "guest" and they are in the group with the permissions you want for anonymous login. No need for custom development.
--
Tom Gleason
ResourceSpace Developer
Suman Thapa
Aug 17, 2015, 5:27:02 AM8/17/15
to ResourceSpace
Hello Mir,
Here is what I did to make the Resource Space publicly available to guest user as you are looking for.
Create a user name "guest" in the database with the user group "anonymous" with permissions s,e-1,e-2,g,d,q,n,f*,j* and you're good to go. For more details on permissions, you can go to http://wiki.resourcespace.org/index.php/User_Group_Management.
Regards,
Suman
Here is what I did to make the Resource Space publicly available to guest user as you are looking for.
Create a user name "guest" in the database with the user group "anonymous" with permissions s,e-1,e-2,g,d,q,n,f*,j* and you're good to go. For more details on permissions, you can go to http://wiki.resourcespace.org/index.php/User_Group_Management.
Regards,
Suman
Reply all
Reply to author
Forward
0 new messages