DATAmaestro and OpenID In order to access DATAmaestro, a user must be : authenticated authorized
A user can be authenticated via Google OpenID (“Connect with Google”). If the user does not use a Google account, a PEPITe OpenID account must be created. In order to be authorized, the user just need to exist in the DATAmaestro User list
InterfaceUser management is carried out via the Users module within Admin The interface contains two main tabs. The first one lists the DATAmaestro Users and the second the PEPITe OpenID Users. The Users tab is used to manage the DATAmaestro user account information. This includes personal information (name, email,...) and access information (roles, workspaces/folders, ...). The OpenID Users tab is used to manage the PEPITe OpenID user. This includes the password creation/edition and the OpendID role. This tab is only used for managing users without Google account (or in offline datamaestro installation) as they need an OpenID account to authenticate.
Creating a new user
The new user has a Google account and DATAmaestro is connected to internetAs the user has a Google account, he can already authenticate with it and we only need to create a DATAmaestro account to authorize it. Prerequisite : DATAmaestro account with PEPITe access right (= “admin”) From DATAmaestro home select View Admin > Edit Users > Users tab. Click on +User on top right Fill the differents fields Id (mandatory) <Google Account Address> Name Firstname User Type PEPITe : All access Local Admin : Tag/Job management
Workspaces/Folders (mandatory) <workspace1>,<workspace2> Select an expiration date or leave it empty for indefinite
Click OK
The user with the Google account linked to newaccount@pepite.beaddress can now log in to DATAmaestro : Pressing the “Connect With Google” button on DATAmaestro login page will first authenticate the account newaccount@pepite.be. It will then be authorized to access the application since the address exists in the DATAmaestro Users list.
The new user does not have a Google account or DATAmaestro is not connected to internetAs in the previous section, we need to create a DATAmaestro User to authorize the user email address. But it will not be enough because this email address can not be used to authenticate the user. In addition to the previous section, we will create a PEPITe OpenID account. Prerequisites : DATAmaestro account with PEPITe access right (= “admin”) OpenID account with admin right (= “openadmin”) HTTPS access to the server
Repeat the steps from the previous section. Instead of the Google account email address, simply use the user email address. Then select the OpenID Users tab Login with your openadmin account On the OpenID Users tab, click +OpenID User on top right In the popup fill these fields : Id : same as Login or empty [retrocompatibility reason] Login (mandatory) : the user email address (same as the one used in Users tab) Fill the Password field (must contain +8 characters, an uppercase, lowercase and digit)
Select the OpenID Role Admin : can create new OpenID user User : simple user
Check Must Change Password if you want to force the user to change password at first login.
NB: When logged in OpenID, you can get back to the Users tab, then select the DATAmaestro Users and click the +New OpenIDUser button; a popup will appear with most of the fields pre-filled. 2. Editing and Deleting UsersEdit/Delete DATAmaestro Users Log in as a PEPITe admin From DATAmaestro home select View Admin > Edit Users > Users tab Click the pencil icon to edit and the bin icon to delete the user
Edit/Delete PEPITe OpenID Users Log in as a PEPITe admin From DATAmaestro home select View Admin > Edit Users > OpenID Users Click the top right button OpenID Login and login with your openadmin account Click the pencil icon to edit, and the bin icon to delete the user
|