CAUTION: This e-mail originated outside the University of Southampton.

Evening (for me anyway) all,

An update and updated question.

I ended up completing this using a cgi script and some clever "tricks" to keep the access token viable. Is it any easier to make the CGI pages log-in only or is that in fact harder than a static page?

I've only just finished the bulk of the task after getting stuck on a problem where my server wouldn't talk to the other server that was solved using:

'SSL_version' => 'TLSv1_2' with LWP::UserAgent.

I'm going to look at David and Johns suggestions in relation to log-in protected static pages. Any similar advice for cgi pages would be appreciated.

Thanks,

James

On Mon, Jan 25, 2021 at 11:08 AM James Kerwin via Eprints-tech <eprints-tech@ecs.soton.ac.uk> wrote:

CAUTION: This e-mail originated outside the University of Southampton.

Hi David and John,

Thank you both for this. I've got plenty to go on now. It's not quite the easy "if logged on... else..." I had hoped for, but I didn't have high hopes for that route to start with.

I think for now I'll get it working in a very basic way and follow through with your suggestions later today or this evening. I'm currently at the stage where I have the data and can refresh the access token in a bit of an awkward way so I just need to print it to a screen.

Basically there's a LibCal screen we want some contractors to see, but we "can't" give them a login so need to extract the data and display it somewhere where they can get a log in/see it. Somehow it's fallen to me as the "computer person" in the library.

Thanks for the advice and guidance!

James

On Mon, Jan 25, 2021 at 9:57 AM John Salter <J.Salter@leeds.ac.uk> wrote:

Hi James,
By default I don't think there is a way (can't recall seeing this) - but here's some possible options:

- write a simple cgi script in ~/archives/ARCHIVEID/cgi/users/ and use a phrase to display the page

- write a cgi script that calls a screen plugin that checks for a user using normal screen methods

- create a folder e.g. ~/archives/ARCHIVEID/cfg/lang/en/static/users/ and create a URL rewrite trigger that matches that path. The trigger would return 'OK' if there is a user present, or 'AUTH_REQUIRED' (401) if not.

Some are less 'xpage'y - so if the plan was that someone else has editorial rights over the content of that page, the last one would probably be best.
I think the middle one is the most EPrints-y, and the first is most hacky...

Does any of that help?
Cheers,

John

---

From: eprints-tech-bounces@ecs.soton.ac.uk <eprints-tech-bounces@ecs.soton.ac.uk> on behalf of James Kerwin via Eprints-tech <eprints-tech@ecs.soton.ac.uk>
Sent: 25 January 2021 09:17
To: eprints-tech@ecs.soton.ac.uk <eprints-tech@ecs.soton.ac.uk>
Subject: [EP-tech] Static Page - Log In

 

CAUTION: This e-mail originated outside the University of Southampton.

Hi All,

Hope we're all happy and healthy.

I've been given a task and one option to complete it is to display information on a static page in EPrints. Due to the potentially sensitive nature of the data I was wondering if it's possible to have a static page in EPrints that requires the user to be logged in to EPrints to see it?

I've had a quick look around and looked at all my ".xpage" files and I have no examples. I feel like it isn't possible, but thought it would be best to ask.

If it isn't possible I have some other approaches to take. They will just take longer and my brain is already a bit scrambled after working out the LibCal API.

Thanks,

James

*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
*** Archive: http://www.eprints.org/tech.php/
*** EPrints community wiki: http://wiki.eprints.org/

*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
*** Archive: http://www.eprints.org/tech.php/
*** EPrints community wiki: http://wiki.eprints.org/