User Management

Greenstone software comes equipped with a system for registering and administering users. Greenstone users can register as a user with a login and password. Administrators can then assign them into various groups. These user groups are used for authenticating login to a remote Greenstone server, and for password protecting collections and documents.

TODO:

  • Registering as a user
  • User groups
  • Editing users

GS3 Tomcat authentication notes

We use Tomcat Realm to connect to JDBC database of users. Its specified in resources/tomcat/greenstone3.xml.in (which gets copied to resources/tomcat/context-name.xml, and then to packages/tomcat/conf/Catalina/localhost/context-name.xml

<!--
   For embedded derby db:
   driverName="org.apache.derby.jdbc.EmbeddedDriver"
   connectionURL="jdbc:derby:@gsdl3webhome@/etc/usersDB"
-->  
<Realm className="org.apache.catalina.realm.JDBCRealm" 
        driverName="org.apache.derby.jdbc.ClientDriver"
        connectionURL="jdbc:derby://@derbyserver@:@derbyserverport@/@gsdl3webhome@/etc/usersDB"
        userTable="users" userNameCol="username" userCredCol="password"
        userRoleTable="roles" roleNameCol="role"
        />

Will end up like

<Realm className="org.apache.catalina.realm.JDBCRealm" 
        driverName="org.apache.derby.jdbc.ClientDriver"
        connectionURL="jdbc:derby://localhost:1527//greenstone/greenstone3/web/etc/usersDB"
        userTable="users" userNameCol="username" userCredCol="password"
        userRoleTable="roles" roleNameCol="role"
                />

Logins timeout when the tomcat session expires. Session expiry happens after a specified period of inactivity. In LibraryServlet.java, have

/**
  * the maximum interval that the cached info remains in session_ids_table
  * (in seconds) This is set in web.xml
  */
  protected int session_expiration = 1800;

This can be overridden by putting a session-expiration init-param into your servlet specification in web/WEB-INF/servlets.xml (which is included by web.xml). This is specified in seconds.

<init-param>
  <param-name>session_expiration</param-name>
  <param-value>3600</param-value>
</init-param>