Greenstone Wiki

User Tools

Site Tools

You are here: index » en » user » authentication
en:user:authentication

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
en:user:authentication [2018/08/27 00:14] – [Authentication in Greenstone] kjdonen:user:authentication [2018/08/27 01:01] kjdon
Line 3: Line 3:
  
 A special type of user called an "administrator" is able to manage users. Anyone can register as a user, but only administrators can assign groups to that user. Groups control which collections/activities a user is allowed access to. A special type of user called an "administrator" is able to manage users. Anyone can register as a user, but only administrators can assign groups to that user. Groups control which collections/activities a user is allowed access to.
 +
  
 <TABAREA tabs="Greenstone3,Greenstone2"> <TABAREA tabs="Greenstone3,Greenstone2">
Line 33: Line 34:
  
  
-===== <!-- id:599 -->User management =====+=====User management =====
  
-<!-- id:600 -->Greenstone incorporates an authentication scheme which can be used to control +Greenstone incorporates an authentication scheme which can be used to control 
 access to certain facilities. This is used to restrict the people  access to certain facilities. This is used to restrict the people 
 who are allowed to access certain administration pages and allow for private collections/documents.  who are allowed to access certain administration pages and allow for private collections/documents. 
Line 41: Line 42:
 Authentication is done by requesting a user name and password. Authentication is done by requesting a user name and password.
  
-<!-- id:601 -->From the administration page users can be listed,+From the administration page users can be listed,
  new ones added, and old ones deleted.   new ones added, and old ones deleted. 
 The ability to do this is of course also protected:  The ability to do this is of course also protected: 
Line 51: Line 52:
 collections and alter (and delete) existing ones. collections and alter (and delete) existing ones.
  
-<!-- id:602 -->When Greenstone is installed, there is one user called //admin// who belongs +When Greenstone is installed, there is one user called //admin// who belongs 
 to both groups. The password for this user is set during the installation process (If you to both groups. The password for this user is set during the installation process (If you
 did not set a password during installation, the admin login will default to  did not set a password during installation, the admin login will default to 
Line 60: Line 61:
 the Greenstone file structure (see the //Greenstone Digital Library Developer's Guide//). the Greenstone file structure (see the //Greenstone Digital Library Developer's Guide//).
  
-=====Forgotten Password===== +  * [[en:user_advanced:gs3_user_management|Greenstone 3 User Management]] 
-(With instructions by Diego Spano.)+  * [[en:user_advanced:gs2_user_management|Greenstone 2 User Management]] 
 +  *  
 +===== Additional features =====
  
-User account details are stored in etc/users.gdb.+Once you have authenticated users, you can use features such as: 
 +  * [[en:user:user_comments|User Comments]] - if this is enabled for a collection, logged in users can add comments to a document. 
 +  * [[en:user_advanced:web_editor|Online Document Editing]] - In greenstone 3 you can enable web editing for documents. Here authenticated users (with collection editing privileges) can modify the metadata or text content of a document.
  
-There are several ways in which to reset your admin account's password. If you have the admin account's authentication details, you can reset the password for other users. 
- 
-**Option 1** 
- 
-In greenstone/bin/script you have a perl script called "csv-usernames-to-db.pl". This program converts username details (password, group information etc) into the format used by Greenstone, and stores them in etc/users.gdb. 
- 
-Do the following: 
- 
-1. Create a text file named myusers.csv and add the following line inside: 
-<code>Tom,123456,administrator</code> 
- 
-2. open a terminal 
- 
-3. move to Greenstone root folder. 
- 
-4. Run setup.bat (Windows) or setup.bash 
- 
-5. Run "perl -S csv-usernames-to-db.pl /path_to_file/myusers.csv" 
- 
-With this script you will create a user named Tom, with password "123456" that belongs to administrator´s group. Log in with Tom and now you will be able to edit admin user and change his password. This way you will not delete all the other users you had defined previously. 
- 
-**Option 2** 
- 
-1. If you're admin, then open a terminal. To set the admin password on Linux, you can run: 
-<code>./gsicontrol.sh configure-admin</code> 
-and on Windows: 
-<code>gsicontrol.sh configure-admin</code> 
- 
-2. If your admin account is working fine, then make sure you've enabled the Administration pages. You can do this by opening etc/main.cfg in a text editor and changing the line that says: 
-<code>status    disabled</code> 
-to 
-<code>status    enabled</code> 
- 
-3. Go to your Greenstone home page, click on the //Administration Page// button and, in the page that then loads, click on the //List Users// link to the left. 
- 
-4. Login with the admin account. Then select the user whose password you want to reset by pressing the Edit button and filling in the new details. 
- 
-**Option 3** 
- 
-Delete the file greenstone/etc/users.gdb. Then go to admin page and log in with user admin. The password now defaults to "admin". Once logged in you can change your password. With this method you get access to the system but you are deleting all the other users you had defined. 
- 
- 
-=====Password Protection===== 
- 
-==== Private Collections ==== 
-This feature is not currently available through the Librarian Interface. Please close the collection if it is open in the Librarian Interface. Edit the GSDLHOME/collect/&lt;collname&gt;/etc/collect.cfg file, and add the following lines: 
- 
- authenticate collection 
- auth_groups &lt;groupname&gt; [&lt;groupname&gt; ...] 
- 
-You may have to restart the Greenstone server for the changes to take effect. 
- 
-The **auth_groups** line specifies the user group(s) which have access to the documents. To access a protected collection, a person must have a user name and password, and this user name must belong to one of the specified groups. See below for how to add new users and set their groups. 
- 
-**IMPORTANT NOTE:** In Greenstone 2.82 and earlier, use **auth_group** instead of auth_groups (both will still be recognised in later Greenstone versions). 
-==== Private Documents ==== 
- 
-It is possible to password-protect specific documents in your collection. 
- This feature is not currently available through the Librarian Interface. Please close the collection if it is open in the Librarian Interface. Edit the GSDLHOME/collect/&lt;collname&gt;/etc/collect.cfg file, and add the following lines: 
- 
- authenticate document 
- auth_groups &lt;groupname&gt [&lt;groupname&gt ...] 
- 
-The **auth_groups** line specifies the user group(s) which have access to the documents. To access a protected collection, a person must have a user name and password, and this user name must belong to one of the specified groups. See below for how to add new users and set their groups. 
- 
-**IMPORTANT NOTE:** In Greenstone 2.82 and earlier, use **auth_group** instead of auth_groups (both will still be recognised in later Greenstone versions). 
- 
-Then add **either** of the following two lines: 
- private_documents &lt;oid&gt [&lt;oid&gt ...] 
- public_documents &lt;oid&gt [&lt;oid&gt ...] 
- 
-These two lines specify a list of document identifiers (ex.Identifier in the Enrich pane). Using **private_documents**, all specified documents will be password protected, while any others are freely accessible. Using **public_documents**, all specified documents will be freely available, with all others password protected. 
- 
- 
-=====Creating a new user===== 
- 
-You need to use the administration facility. You can access the administration page by clicking the **Administration Page** button on the home page of your Greenstone installation. If this is not present, enable it by setting **status** to **enabled** in the GSDLHOME/etc/main.cfg file. 
- 
-From the administration page you can list users and add new users by clicking the links down the left hand side of the page. You will need to use the admin account that was set up when you installed Greenstone. 
- 
-You can change the properties of an existing user by clicking the edit link from the list users page.  
- 
-If you are adding users to access a protected collection, make sure you add the required group into the groups field. 
  
  
Line 157: Line 79:
 You can find out what the cgi arguments mean by going to the Administration page of your Greenstone installation, or from [[en:urls| this page]]. You can find out what the cgi arguments mean by going to the Administration page of your Greenstone installation, or from [[en:urls| this page]].
  
-===== User Comments ===== 
- 
-If you enable comments for your library, library users with accounts are able to add comments 
-to the document pages of collections. 
- 
-To allow users to view and add comments to documents: 
-  - In the Format Features section of the Format pane of GLI, go to the Choose Feature dropdown and select AllowUserComments.  
-  - Press the Add Format button to add this to the list of active Format Features for your collection.  
-  - Select the AllowUserComments option that is now in the list and then tick its Enabled button to activate it.  
-  - Press the Preview button and visit a document of your collection.  
-It should now provide a small "Add comment" link at the bottom. Users need to have accounts in your digital library in order to add their own comments, but existing comments once added can be seen by all. 
  
  
en/user/authentication.txt · Last modified: 2023/03/13 01:46 by 127.0.0.1