Re: Setting up User Authentication/Accounts with JBrowse

classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: Setting up User Authentication/Accounts with JBrowse

Scott Cain
Hi Morgan,

I'm cc'ing this to the jbrowse mailing list so they can answer too.

The current version of JBrowse does not implement user accounts, but it does seem to me that it should be possible to create something approximating user accounts via apache, though I honestly haven't done anything like that in several years, and I don't really remember how to do it.  Do you know why you haven't been successful in creating password protected pages in apache?  Have you tried simple pages (ie, not JBrowse but an html page) as a test?

Scott


On Tue, May 24, 2016 at 1:20 PM, Morgan Kirzinger <[hidden email]> wrote:
To Whom it May Concern,

I am working on setting up JBrowse for my supervisors and their collaborators and have found documentation for setting up user accounts in GBrowse (http://gmod.org/wiki/GBrowse_Configuration/Authentication), but nothing about setting up the same functionality in JBrowse. Does this function still exist? Can I set up user accounts and manage them for my fellow lab mates and my supervisors collaborators? Or do I need to set up restrictions and grant/deny user access through Apache.

Any help would be greatly appreciated, as I have already tried to set things up through Apache2 and haven't had any success in restricting access based on user accounts (with passwords) or grinding/denying access based on IP address.

Thank you for your time.

Cheers,
Morgan

Morgan Kirzinger
M.Sc. Biology
M.Sc. Comptuer Science Candidate



--
------------------------------------------------------------------------
Scott Cain, Ph. D.                                   scott at scottcain dot net
GMOD Coordinator (http://gmod.org/)                     216-392-3087
Ontario Institute for Cancer Research

------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Gmod-ajax mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/gmod-ajax
Reply | Threaded
Open this post in threaded view
|

Re: Setting up User Authentication/Accounts with JBrowse

Keiran Raine
Hi Scott, Morgan,

The JBrowse configuration page mentions that JBrowse supports cookie based authentication provided you do this through another page first:


Unfortunately it doesn’t give any details of what the cooke should be or how you can configure tracks/datasources to check it is set.

I’ve asked for guidance on this in the past but we’ve never had any useful responses.

It would be exceptionally useful if someone could put together a rudimentary guide of where to start etc, I’m happy to flesh it out once some pointers are in place.

Regards,

Keiran Raine
Principal Bioinformatician
Cancer Genome Project
Wellcome Trust Sanger Institute

Tel:+44 (0)1223 834244 Ext: 7703
Office: H104

On 24 May 2016, at 18:32, Scott Cain <[hidden email]> wrote:

Hi Morgan,

I'm cc'ing this to the jbrowse mailing list so they can answer too.

The current version of JBrowse does not implement user accounts, but it does seem to me that it should be possible to create something approximating user accounts via apache, though I honestly haven't done anything like that in several years, and I don't really remember how to do it.  Do you know why you haven't been successful in creating password protected pages in apache?  Have you tried simple pages (ie, not JBrowse but an html page) as a test?

Scott


On Tue, May 24, 2016 at 1:20 PM, Morgan Kirzinger <[hidden email]> wrote:
To Whom it May Concern,

I am working on setting up JBrowse for my supervisors and their collaborators and have found documentation for setting up user accounts in GBrowse (http://gmod.org/wiki/GBrowse_Configuration/Authentication), but nothing about setting up the same functionality in JBrowse. Does this function still exist? Can I set up user accounts and manage them for my fellow lab mates and my supervisors collaborators? Or do I need to set up restrictions and grant/deny user access through Apache.

Any help would be greatly appreciated, as I have already tried to set things up through Apache2 and haven't had any success in restricting access based on user accounts (with passwords) or grinding/denying access based on IP address.

Thank you for your time.

Cheers,
Morgan

Morgan Kirzinger
M.Sc. Biology
M.Sc. Comptuer Science Candidate



--
------------------------------------------------------------------------
Scott Cain, Ph. D.                                   scott at scottcain dot net
GMOD Coordinator (http://gmod.org/)                     216-392-3087
Ontario Institute for Cancer Research
------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j_______________________________________________
Gmod-ajax mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/gmod-ajax


-- The Wellcome Trust Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE.

------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Gmod-ajax mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/gmod-ajax
Reply | Threaded
Open this post in threaded view
|

Re: Setting up User Authentication/Accounts with JBrowse

nathandunn
In reply to this post by Scott Cain

Morgan,

Although I would advocate taking Scott’s advice (using Apache or similar) for authentication to preserve whatever you are doing with JBrowse, Apollo (which also uses most of JBrowse) does support user accounts directly.    

The installation is a bit more involved, but you should be able to wrap your current JBrowse directories and give permissions based on user-name (we don’t currently do IP-address authentication, but always happy to take PR’s).  


It *IS* built around annotation of organisms, so it is definitely overkill for what you are trying to do, but it definitely  handles your use-case.  

Nathan Dunn, PhD
Berkeley Bioinformatics Open-source Projects (BBOP)
Genomics Division, Lawrence Berkeley National Laboratory
[hidden email]


On May 24, 2016, at 10:32 AM, Scott Cain <[hidden email]> wrote:

Hi Morgan,

I'm cc'ing this to the jbrowse mailing list so they can answer too.

The current version of JBrowse does not implement user accounts, but it does seem to me that it should be possible to create something approximating user accounts via apache, though I honestly haven't done anything like that in several years, and I don't really remember how to do it.  Do you know why you haven't been successful in creating password protected pages in apache?  Have you tried simple pages (ie, not JBrowse but an html page) as a test?

Scott


On Tue, May 24, 2016 at 1:20 PM, Morgan Kirzinger <[hidden email]> wrote:
To Whom it May Concern,

I am working on setting up JBrowse for my supervisors and their collaborators and have found documentation for setting up user accounts in GBrowse (http://gmod.org/wiki/GBrowse_Configuration/Authentication), but nothing about setting up the same functionality in JBrowse. Does this function still exist? Can I set up user accounts and manage them for my fellow lab mates and my supervisors collaborators? Or do I need to set up restrictions and grant/deny user access through Apache.

Any help would be greatly appreciated, as I have already tried to set things up through Apache2 and haven't had any success in restricting access based on user accounts (with passwords) or grinding/denying access based on IP address.

Thank you for your time.

Cheers,
Morgan

Morgan Kirzinger
M.Sc. Biology
M.Sc. Comptuer Science Candidate



--
------------------------------------------------------------------------
Scott Cain, Ph. D.                                   scott at scottcain dot net
GMOD Coordinator (http://gmod.org/)                     216-392-3087
Ontario Institute for Cancer Research
------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j_______________________________________________
Gmod-ajax mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/gmod-ajax


------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Gmod-ajax mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/gmod-ajax
Reply | Threaded
Open this post in threaded view
|

Re: Setting up User Authentication/Accounts with JBrowse

Eric Yao
Hi Morgan,

In a forthcoming release, we are introducing a server platform based on sails.js.  As such, jbrowse would adopt sails' policy engine, supporting passport.js.  The policy engine can support numerous OAuth services and plugins are available for LDAP and Active Directory.  Indeed, if you google passport and your favorite auth strategy, you will probably find it.

Eric

On Tue, May 24, 2016 at 11:41 AM, Nathan Dunn <[hidden email]> wrote:

Morgan,

Although I would advocate taking Scott’s advice (using Apache or similar) for authentication to preserve whatever you are doing with JBrowse, Apollo (which also uses most of JBrowse) does support user accounts directly.    

The installation is a bit more involved, but you should be able to wrap your current JBrowse directories and give permissions based on user-name (we don’t currently do IP-address authentication, but always happy to take PR’s).  


It *IS* built around annotation of organisms, so it is definitely overkill for what you are trying to do, but it definitely  handles your use-case.  

Nathan Dunn, PhD
Berkeley Bioinformatics Open-source Projects (BBOP)
Genomics Division, Lawrence Berkeley National Laboratory
[hidden email]


On May 24, 2016, at 10:32 AM, Scott Cain <[hidden email]> wrote:

Hi Morgan,

I'm cc'ing this to the jbrowse mailing list so they can answer too.

The current version of JBrowse does not implement user accounts, but it does seem to me that it should be possible to create something approximating user accounts via apache, though I honestly haven't done anything like that in several years, and I don't really remember how to do it.  Do you know why you haven't been successful in creating password protected pages in apache?  Have you tried simple pages (ie, not JBrowse but an html page) as a test?

Scott


On Tue, May 24, 2016 at 1:20 PM, Morgan Kirzinger <[hidden email]> wrote:
To Whom it May Concern,

I am working on setting up JBrowse for my supervisors and their collaborators and have found documentation for setting up user accounts in GBrowse (http://gmod.org/wiki/GBrowse_Configuration/Authentication), but nothing about setting up the same functionality in JBrowse. Does this function still exist? Can I set up user accounts and manage them for my fellow lab mates and my supervisors collaborators? Or do I need to set up restrictions and grant/deny user access through Apache.

Any help would be greatly appreciated, as I have already tried to set things up through Apache2 and haven't had any success in restricting access based on user accounts (with passwords) or grinding/denying access based on IP address.

Thank you for your time.

Cheers,
Morgan

Morgan Kirzinger
M.Sc. Biology
M.Sc. Comptuer Science Candidate



--
------------------------------------------------------------------------
Scott Cain, Ph. D.                                   scott at scottcain dot net
GMOD Coordinator (http://gmod.org/)                     <a href="tel:216-392-3087" value="+12163923087" target="_blank">216-392-3087
Ontario Institute for Cancer Research
------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j_______________________________________________
Gmod-ajax mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/gmod-ajax


------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Gmod-ajax mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/gmod-ajax



------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Gmod-ajax mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/gmod-ajax
Reply | Threaded
Open this post in threaded view
|

Re: Setting up User Authentication/Accounts with JBrowse

Morgan Kirzinger
Hi Eric,

That's great to hear, thank you for letting me know what to expect. I'm very excited for the future releases and additional features that will be implemented. It is a great tool and my supervisors are very excited that we not have JBrowse up and running and they will be very happy to hear about this.

Thank you for your time.


Cheers,
M

Morgan Kirzinger
M.Sc. Biology

On 24 May 2016 at 13:56, Eric Yao <[hidden email]> wrote:
Hi Morgan,

In a forthcoming release, we are introducing a server platform based on sails.js.  As such, jbrowse would adopt sails' policy engine, supporting passport.js.  The policy engine can support numerous OAuth services and plugins are available for LDAP and Active Directory.  Indeed, if you google passport and your favorite auth strategy, you will probably find it.

Eric

On Tue, May 24, 2016 at 11:41 AM, Nathan Dunn <[hidden email]> wrote:

Morgan,

Although I would advocate taking Scott’s advice (using Apache or similar) for authentication to preserve whatever you are doing with JBrowse, Apollo (which also uses most of JBrowse) does support user accounts directly.    

The installation is a bit more involved, but you should be able to wrap your current JBrowse directories and give permissions based on user-name (we don’t currently do IP-address authentication, but always happy to take PR’s).  


It *IS* built around annotation of organisms, so it is definitely overkill for what you are trying to do, but it definitely  handles your use-case.  

Nathan Dunn, PhD
Berkeley Bioinformatics Open-source Projects (BBOP)
Genomics Division, Lawrence Berkeley National Laboratory
[hidden email]


On May 24, 2016, at 10:32 AM, Scott Cain <[hidden email]> wrote:

Hi Morgan,

I'm cc'ing this to the jbrowse mailing list so they can answer too.

The current version of JBrowse does not implement user accounts, but it does seem to me that it should be possible to create something approximating user accounts via apache, though I honestly haven't done anything like that in several years, and I don't really remember how to do it.  Do you know why you haven't been successful in creating password protected pages in apache?  Have you tried simple pages (ie, not JBrowse but an html page) as a test?

Scott


On Tue, May 24, 2016 at 1:20 PM, Morgan Kirzinger <[hidden email]> wrote:
To Whom it May Concern,

I am working on setting up JBrowse for my supervisors and their collaborators and have found documentation for setting up user accounts in GBrowse (http://gmod.org/wiki/GBrowse_Configuration/Authentication), but nothing about setting up the same functionality in JBrowse. Does this function still exist? Can I set up user accounts and manage them for my fellow lab mates and my supervisors collaborators? Or do I need to set up restrictions and grant/deny user access through Apache.

Any help would be greatly appreciated, as I have already tried to set things up through Apache2 and haven't had any success in restricting access based on user accounts (with passwords) or grinding/denying access based on IP address.

Thank you for your time.

Cheers,
Morgan

Morgan Kirzinger
M.Sc. Biology
M.Sc. Comptuer Science Candidate



--
------------------------------------------------------------------------
Scott Cain, Ph. D.                                   scott at scottcain dot net
GMOD Coordinator (http://gmod.org/)                     <a href="tel:216-392-3087" value="+12163923087" target="_blank">216-392-3087
Ontario Institute for Cancer Research
------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j_______________________________________________
Gmod-ajax mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/gmod-ajax


------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Gmod-ajax mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/gmod-ajax




------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Gmod-ajax mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/gmod-ajax
Reply | Threaded
Open this post in threaded view
|

Re: Setting up User Authentication/Accounts with JBrowse

Keiran Raine
In reply to this post by Eric Yao
Hi Eric,

That’s great news!  Am I allowed to ask when the release is likely to be?  This will solve one of our biggest headaches.

Thanks,

Keiran Raine
Principal Bioinformatician
Cancer Genome Project
Wellcome Trust Sanger Institute

Tel:+44 (0)1223 834244 Ext: 7703
Office: H104

On 24 May 2016, at 20:56, Eric Yao <[hidden email]> wrote:

Hi Morgan,

In a forthcoming release, we are introducing a server platform based on sails.js.  As such, jbrowse would adopt sails' policy engine, supporting passport.js.  The policy engine can support numerous OAuth services and plugins are available for LDAP and Active Directory.  Indeed, if you google passport and your favorite auth strategy, you will probably find it.

Eric

On Tue, May 24, 2016 at 11:41 AM, Nathan Dunn <[hidden email]> wrote:

Morgan,

Although I would advocate taking Scott’s advice (using Apache or similar) for authentication to preserve whatever you are doing with JBrowse, Apollo (which also uses most of JBrowse) does support user accounts directly.    

The installation is a bit more involved, but you should be able to wrap your current JBrowse directories and give permissions based on user-name (we don’t currently do IP-address authentication, but always happy to take PR’s).  


It *IS* built around annotation of organisms, so it is definitely overkill for what you are trying to do, but it definitely  handles your use-case.  

Nathan Dunn, PhD
Berkeley Bioinformatics Open-source Projects (BBOP)
Genomics Division, Lawrence Berkeley National Laboratory
[hidden email]


On May 24, 2016, at 10:32 AM, Scott Cain <[hidden email]> wrote:

Hi Morgan,

I'm cc'ing this to the jbrowse mailing list so they can answer too.

The current version of JBrowse does not implement user accounts, but it does seem to me that it should be possible to create something approximating user accounts via apache, though I honestly haven't done anything like that in several years, and I don't really remember how to do it.  Do you know why you haven't been successful in creating password protected pages in apache?  Have you tried simple pages (ie, not JBrowse but an html page) as a test?

Scott


On Tue, May 24, 2016 at 1:20 PM, Morgan Kirzinger <[hidden email]> wrote:
To Whom it May Concern,

I am working on setting up JBrowse for my supervisors and their collaborators and have found documentation for setting up user accounts in GBrowse (http://gmod.org/wiki/GBrowse_Configuration/Authentication), but nothing about setting up the same functionality in JBrowse. Does this function still exist? Can I set up user accounts and manage them for my fellow lab mates and my supervisors collaborators? Or do I need to set up restrictions and grant/deny user access through Apache.

Any help would be greatly appreciated, as I have already tried to set things up through Apache2 and haven't had any success in restricting access based on user accounts (with passwords) or grinding/denying access based on IP address.

Thank you for your time.

Cheers,
Morgan

Morgan Kirzinger
M.Sc. Biology
M.Sc. Comptuer Science Candidate



--
------------------------------------------------------------------------
Scott Cain, Ph. D.                                   scott at scottcain dot net
GMOD Coordinator (http://gmod.org/)                     <a href="tel:216-392-3087" value="+12163923087" target="_blank" class="">216-392-3087
Ontario Institute for Cancer Research
------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j_______________________________________________
Gmod-ajax mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/gmod-ajax


------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Gmod-ajax mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/gmod-ajax


------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j_______________________________________________
Gmod-ajax mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/gmod-ajax


-- The Wellcome Trust Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE.

------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Gmod-ajax mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/gmod-ajax
Reply | Threaded
Open this post in threaded view
|

Re: Setting up User Authentication/Accounts with JBrowse

Raymond Wan-2
In reply to this post by Keiran Raine
Hi all,


On Wed, May 25, 2016 at 2:39 AM, Keiran Raine <[hidden email]> wrote:
> The JBrowse configuration page mentions that JBrowse supports cookie based
> authentication provided you do this through another page first:
>
> http://gmod.org/wiki/JBrowse_Configuration_Guide#Authentication_and_Access_Control
>
> Unfortunately it doesn’t give any details of what the cooke should be or how
> you can configure tracks/datasources to check it is set.


For what it's worth, I've been able to set up JBrowse using
authentication with CAS (Central Authentication Service).  CAS was set
up by our university; so I wrapped the top index.php around some PHP
code that I pieced together from Googling.  This last part wasn't too
hard.

I probably should test it more thoroughly, but so far, it seems to
work.  As the data in JBrowse isn't private yet, I haven't test the
security.

Ray

------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Gmod-ajax mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/gmod-ajax
Reply | Threaded
Open this post in threaded view
|

Re: Setting up User Authentication/Accounts with JBrowse

Eric Yao
Nice to hear CAS is working for you, Ray.

Keirn, I expect to have something ready, end of June, and present something at the Galaxy conference in IN.


On Wed, May 25, 2016 at 6:21 AM, Raymond Wan <[hidden email]> wrote:
Hi all,


On Wed, May 25, 2016 at 2:39 AM, Keiran Raine <[hidden email]> wrote:
> The JBrowse configuration page mentions that JBrowse supports cookie based
> authentication provided you do this through another page first:
>
> http://gmod.org/wiki/JBrowse_Configuration_Guide#Authentication_and_Access_Control
>
> Unfortunately it doesn’t give any details of what the cooke should be or how
> you can configure tracks/datasources to check it is set.


For what it's worth, I've been able to set up JBrowse using
authentication with CAS (Central Authentication Service).  CAS was set
up by our university; so I wrapped the top index.php around some PHP
code that I pieced together from Googling.  This last part wasn't too
hard.

I probably should test it more thoroughly, but so far, it seems to
work.  As the data in JBrowse isn't private yet, I haven't test the
security.

Ray

------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Gmod-ajax mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/gmod-ajax


------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Gmod-ajax mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/gmod-ajax
Reply | Threaded
Open this post in threaded view
|

Re: Setting up User Authentication/Accounts with JBrowse

Raymond Wan-2
Hi Eric,

I know JBrowse isn't supposed to officially support CAS -- but I hope
there aren't any changes to the code that will break it's use of CAS.

While having other options are great -- I have to admit that I like
CAS since user management is centralized with the university.  Saves a
lot of headaches for a lazy person like me...  :-)

I should probably test the security some more some day.  (i.e. to see
if there is a way to access a page, bypassing CAS authentication.)

Ray


On Sat, May 28, 2016 at 7:33 AM, Eric Yao <[hidden email]> wrote:

> Nice to hear CAS is working for you, Ray.
>
> Keirn, I expect to have something ready, end of June, and present something
> at the Galaxy conference in IN.
>
>
> On Wed, May 25, 2016 at 6:21 AM, Raymond Wan <[hidden email]> wrote:
>>
>> Hi all,
>>
>>
>> On Wed, May 25, 2016 at 2:39 AM, Keiran Raine <[hidden email]> wrote:
>> > The JBrowse configuration page mentions that JBrowse supports cookie
>> > based
>> > authentication provided you do this through another page first:
>> >
>> >
>> > http://gmod.org/wiki/JBrowse_Configuration_Guide#Authentication_and_Access_Control
>> >
>> > Unfortunately it doesn’t give any details of what the cooke should be or
>> > how
>> > you can configure tracks/datasources to check it is set.
>>
>>
>> For what it's worth, I've been able to set up JBrowse using
>> authentication with CAS (Central Authentication Service).  CAS was set
>> up by our university; so I wrapped the top index.php around some PHP
>> code that I pieced together from Googling.  This last part wasn't too
>> hard.
>>
>> I probably should test it more thoroughly, but so far, it seems to
>> work.  As the data in JBrowse isn't private yet, I haven't test the
>> security.
>>
>> Ray
>>
>>
>> ------------------------------------------------------------------------------
>> Mobile security can be enabling, not merely restricting. Employees who
>> bring their own devices (BYOD) to work are irked by the imposition of MDM
>> restrictions. Mobile Device Manager Plus allows you to control only the
>> apps on BYO-devices by containerizing them, leaving personal data
>> untouched!
>> https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
>> _______________________________________________
>> Gmod-ajax mailing list
>> [hidden email]
>> https://lists.sourceforge.net/lists/listinfo/gmod-ajax
>
>

------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
Gmod-ajax mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/gmod-ajax