| ID |
Date |
Icon |
Author |
Author Email |
Category |
OS |
ELOG Version |
Subject |
|
66201
|
Mon Feb 9 07:58:46 2009 |
 | mike cianci | mike2.cianci@comcast.net | Comment | Windows | 2.7.5 | Re: Multi attribute email notification |
| John Rouillard wrote: |
|
| mike cianci wrote: |
|
Your suggestion worked GREAT (like always)
|
Could you post an example of what you used?
|
Sorry, it took me so long to respond. I didn't notice your request.
Attributes = Instrument, Notify Lead Tech
Options Instrument = Olympus, Beckman
Options Notify Lead Tech = Yes{a}, No {b}
{a}Email Instrument Olympus = John@lab.net (i.e. if it is "Yes" and "Olympus" - John gets an email)
{a}Email Instrument Beckman = Mary@lab.net (i.e. if it is "Yes" and "Beckman" - Mary gets an email) |
|
66202
|
Mon Feb 9 07:58:58 2009 |
| mike cianci | mike2.cianci@comcast.net | Comment | Windows | 2.7.5 | Re: Multi attribute email notification |
| John Rouillard wrote: |
|
| mike cianci wrote: |
|
Your suggestion worked GREAT (like always)
|
Could you post an example of what you used?
|
Sorry, it took me so long to respond. I didn't notice your request.
Attributes = Instrument, Notify Lead Tech
Options Instrument = Olympus, Beckman
Options Notify Lead Tech = Yes{a}, No {b}
{a}Email Instrument Olympus = John@lab.net (i.e. if it is "Yes" and "Olympus" - John gets an email)
{a}Email Instrument Beckman = Mary@lab.net (i.e. if it is "Yes" and "Beckman" - Mary gets an email) |
|
66326
|
Tue Apr 21 20:32:10 2009 |
| Hal Proctor | hproctor@mpm.com | Question | Windows | 2.7.5 | Re: Multi Logook Login RESOLVED |
| Stefan Ritt wrote: |
|
| Hal Proctor wrote: |
|
| Grant Jeffcote wrote: |
|
|
Hal Proctor wrote:
|
|
We have two logbooks, each with a different list of users.
The logbooks are open to all network users for read only.
A user with Write permisions logs into his designated logbook.
He then decides to view the other logbook, the one he does not have write permissions to by clicking on the tab to the other logbook.
He is immediately logged out of the logbook he has write permissions to.
He did not close his browser session, only clicked on the other logbook tab.
Is there Any way to keep that person logged into the logbook he has rights to without having the "keep me logged in Checkbox"?
Just like this site has Forum, Config Examples, etc.
Once you select another tab they are logged out of their logbook they just logged in to.
|
Have a look at this thread Hal, worked well for me: Link
|
thanks Grant, but I dont see the solution. your last entry still states users being logged out when switching logbooks.
Are you suggesting that every user within our orginization needs to be on the deny list of logbook1 if they have rights to logook2?
|
Can you try the following:
- Put your "password file = xxx" option from the [global] section in elogd.cfg into each individual logook, remove it from [global]
- Remove all cookies from your browser
- Try again to log in to the individual logbooks
The login is handled through cookies. Once you log in, you get two cookies unm (for user name) and upwd (for user password). Each cookie contains a "path" which controls to which URL the browser sends that cookie. If you "password file = xxx" statement is under [global], then "path=/", meaning the cookie is sent for all logbooks. This confuses you if you have different rights for different logooks. If "password file = xxx" is however in each individual loogbooks configuration, then you get "path=/<lobook>". You can check that by inspecting your browser's cookies. In that case the login name and password cookies are only sent to the URL for that specific logbook. I have not tested that extensively (different browsers, with/without Apache proxy), but if it works reliably, I will put this into the documentation.
|
This worked for us just fine! thanks! |
|
66311
|
Tue Apr 14 18:51:43 2009 |
| Grant Jeffcote | grant@jeffcote.org | Question | Windows | 2.7.5 | Re: Multi Logook Login |
|
Hal Proctor wrote:
|
|
We have two logbooks, each with a different list of users.
The logbooks are open to all network users for read only.
A user with Write permisions logs into his designated logbook.
He then decides to view the other logbook, the one he does not have write permissions to by clicking on the tab to the other logbook.
He is immediately logged out of the logbook he has write permissions to.
He did not close his browser session, only clicked on the other logbook tab.
Is there Any way to keep that person logged into the logbook he has rights to without having the "keep me logged in Checkbox"?
Just like this site has Forum, Config Examples, etc.
Once you select another tab they are logged out of their logbook they just logged in to.
|
Have a look at this thread Hal, worked well for me: Link |
|
66313
|
Tue Apr 14 20:03:06 2009 |
| Hal Proctor | hproctor@mpm.com | Question | Windows | 2.7.5 | Re: Multi Logook Login |
| Grant Jeffcote wrote: |
|
|
Hal Proctor wrote:
|
|
We have two logbooks, each with a different list of users.
The logbooks are open to all network users for read only.
A user with Write permisions logs into his designated logbook.
He then decides to view the other logbook, the one he does not have write permissions to by clicking on the tab to the other logbook.
He is immediately logged out of the logbook he has write permissions to.
He did not close his browser session, only clicked on the other logbook tab.
Is there Any way to keep that person logged into the logbook he has rights to without having the "keep me logged in Checkbox"?
Just like this site has Forum, Config Examples, etc.
Once you select another tab they are logged out of their logbook they just logged in to.
|
Have a look at this thread Hal, worked well for me: Link
|
thanks Grant, but I dont see the solution. your last entry still states users being logged out when switching logbooks.
Are you suggesting that every user within our orginization needs to be on the deny list of logbook1 if they have rights to logook2? |
|
66316
|
Wed Apr 15 09:51:35 2009 |
| Stefan Ritt | stefan.ritt@psi.ch | Question | Windows | 2.7.5 | Re: Multi Logook Login |
| Hal Proctor wrote: |
|
| Grant Jeffcote wrote: |
|
|
Hal Proctor wrote:
|
|
We have two logbooks, each with a different list of users.
The logbooks are open to all network users for read only.
A user with Write permisions logs into his designated logbook.
He then decides to view the other logbook, the one he does not have write permissions to by clicking on the tab to the other logbook.
He is immediately logged out of the logbook he has write permissions to.
He did not close his browser session, only clicked on the other logbook tab.
Is there Any way to keep that person logged into the logbook he has rights to without having the "keep me logged in Checkbox"?
Just like this site has Forum, Config Examples, etc.
Once you select another tab they are logged out of their logbook they just logged in to.
|
Have a look at this thread Hal, worked well for me: Link
|
thanks Grant, but I dont see the solution. your last entry still states users being logged out when switching logbooks.
Are you suggesting that every user within our orginization needs to be on the deny list of logbook1 if they have rights to logook2?
|
Can you try the following:
- Put your "password file = xxx" option from the [global] section in elogd.cfg into each individual logook, remove it from [global]
- Remove all cookies from your browser
- Try again to log in to the individual logbooks
The login is handled through cookies. Once you log in, you get two cookies unm (for user name) and upwd (for user password). Each cookie contains a "path" which controls to which URL the browser sends that cookie. If you "password file = xxx" statement is under [global], then "path=/", meaning the cookie is sent for all logbooks. This confuses you if you have different rights for different logooks. If "password file = xxx" is however in each individual loogbooks configuration, then you get "path=/<lobook>". You can check that by inspecting your browser's cookies. In that case the login name and password cookies are only sent to the URL for that specific logbook. I have not tested that extensively (different browsers, with/without Apache proxy), but if it works reliably, I will put this into the documentation. |
|
66319
|
Wed Apr 15 14:44:42 2009 |
| Yoshio Imai | | Question | Windows | 2.7.5 | Re: Multi Logook Login | Hi, Stefan!
| Stefan Ritt wrote: | | If "password file = xxx" is however in each individual logbooks configuration, then you get "path=/<lobook>". You can check that by inspecting your browser's cookies. In that case the login name and password cookies are only sent to the URL for that specific logbook. I have not tested that extensively (different browsers, with/without Apache proxy), but if it works reliably, I will put this into the documentation. |
We had done so on your advice and in principle this works, but our experience has shown one problem:
We have separated our logbooks into different top groups because of the sheer number of them (i.e. experiment logbooks in one top group with logbook groups for the sub-categories, personal analysis logbooks in another top group etc.). Obviously, the experiment logbooks may share the same login, therefore we have put the "password file" statement into that top group's global section (otherwise, we would have to log on to every beamtime logbook individually, which can be cumbersome when comparing e.g. experiment settings between beamtimes). For the personal logbooks, of course, we use per-logbook-access (i.e. "password file" statement in the individual logbook sections) such that logging on to one's own logbook does not imply access to someone else's logbook. However, since the group/top group structure does not appear in the elog URLs, the cookies for the beamtime logbooks all have the path set to "path=/". This breaks the scheme again (I guess we have sort of "abused" the concept of top groups a little) and it is not possible to work in one of the experiment logbooks in parallel with one's own logbook without having to renew the login when switching the logbook.
Is it possible to modify the elogd such that it first checks if, among the cookies sent, there is one where the path corresponds to the path of the current logbook, and evaluate cookies with "path=/" only if no such cookie is found?
Yoshio |
|
66351
|
Wed May 6 16:03:56 2009 |
| Stefan Ritt | stefan.ritt@psi.ch | Question | Windows | 2.7.5 | Re: Multi Logook Login |
| Yoshio Imai wrote: | Hi, Stefan!
| Stefan Ritt wrote: | | If "password file = xxx" is however in each individual logbooks configuration, then you get "path=/<lobook>". You can check that by inspecting your browser's cookies. In that case the login name and password cookies are only sent to the URL for that specific logbook. I have not tested that extensively (different browsers, with/without Apache proxy), but if it works reliably, I will put this into the documentation. |
We had done so on your advice and in principle this works, but our experience has shown one problem:
We have separated our logbooks into different top groups because of the sheer number of them (i.e. experiment logbooks in one top group with logbook groups for the sub-categories, personal analysis logbooks in another top group etc.). Obviously, the experiment logbooks may share the same login, therefore we have put the "password file" statement into that top group's global section (otherwise, we would have to log on to every beamtime logbook individually, which can be cumbersome when comparing e.g. experiment settings between beamtimes). For the personal logbooks, of course, we use per-logbook-access (i.e. "password file" statement in the individual logbook sections) such that logging on to one's own logbook does not imply access to someone else's logbook. However, since the group/top group structure does not appear in the elog URLs, the cookies for the beamtime logbooks all have the path set to "path=/". This breaks the scheme again (I guess we have sort of "abused" the concept of top groups a little) and it is not possible to work in one of the experiment logbooks in parallel with one's own logbook without having to renew the login when switching the logbook.
Is it possible to modify the elogd such that it first checks if, among the cookies sent, there is one where the path corresponds to the path of the current logbook, and evaluate cookies with "path=/" only if no such cookie is found?
Yoshio |
I'm not sure if that helps. As soon as you have top groups, cookies have to use "path=/". I agree it would be best to use URLs in the form "http://<server>/<top group>/<logbook>", but cookies only support one level of directories (at least that was the case when I designed that a few years ago, I'm not sure if that's still the case). The only way around that is to give up top groups and run one elog server for each top group on a different port. |
|