Sharing GWS data via HTTP

This article describes how data in a GWS can be shared via HTTP. it covers:

  • What is HTTP data sharing?
  • Public access set up
  • Restricted access set up

What is HTTP data sharing?

JASMIN Group Workspaces (GWSs) can be made visible to a web browser or HTTP client by:

  1. creating a  public directory and placing content inside it, then
  2. The GWS manager making a request to the JASMIN Helpdesk to request that this specific GWS is configred to be shared via HTTP.

Both these steps need to be completed in order for the GWS to be visible via HTTP. By default, GWSs are not visible by HTTP.

The following section describes how to set up restricted and unrestricted access to your "public" directory. If you require access control then see the section on password-protected access below.

This facility is not to be used for hosting entire project websites, but just as a simple means for specific data files to be made available to a wider audience than members of a Group Workspace. Projects considering web-based solutions for a project website showcasing or disseminating their data via more complex tools should consider requesting an external tenancy in the JASMIN Community Cloud.

Public access set up

In some cases the GWS manager may want to make some files and directories available over HTTP so that users (perhaps a wider audience than just the membership of the GWS) can access the data via a web browser or other HTTP-based tools. This can be done by creating a public directory in the top-level directory of the GWS, for example:

$ cd /group_workspace/jasmin/foobaa/ 
$ mkdir public 
$ chmod -Rf 755 public

You should then contact JASMIN Support and ask for this directory to be made visible via the gws-access server. The JASMIN team will configure this change and your public directory will then be visible from:

https://gws-access.jasmin.ac.uk/public/foobaa/

Note: The URL of this service has recently changed (June 2020). A redirect is in place from the old URL of https://gws-access.ceda.ac.uk, so the change should be transparent to existing users, but please use the new URLs beginning with https://gws-access.jasmin.ac.uk/ to avoid any problems for example with HTTP clients that are unable to handle redirects.

Please see the section below if you wish to control who can access the content of one or more of the sub-directories within your  public directory.

Restricted access set up

In order to restrict access to your "public" directory, and/or any sub-directories, you will need to create an ".htaccess" file within it. In turn, the ".htaccess" file must point to a ".htpasswd" file which lists the usernames and encrypted passwords that have read-access to that directory.

NOTE: This method of access control is entirely separate and independent of the SSH login accounts used on JASMIN and would be the responsibility of the GWS Manager to maintain. It is not secure and not particularly recommended as it adds complication for GWS managers and users, but is an option for some basic access control if really needed.

In order to create the ".htpasswd" file, you will need access to the "htpasswd" command. This is available on the following servers:

  • jasmin-xfer1.ceda.ac.uk
  • cems-xfer1.cems.rl.ac.uk

You can then create the ".htpasswd" file as follows (using the example of a Group Workspace called "foobaa"):

$ export GWS=/group_workspaces/jasmin/foobaa/ 
$ cd $GWS
$ mkdir -p public 
$ cd public
$ htpasswd -b -m -c $GWS/public/.htpasswd i_am_a_user i_am_a_password

Before this will work, you also need to create a ".htaccess" file which you could do as follows

$ cat >.htaccess <<EOL 
AuthType Basic 
AuthName "Password Required" 
AuthUserFile /group_workspaces/jasmin/foobaa/public/.htpasswd 
Require valid-user
EOL

Finally, change the permissions on these files:

$ chmod 644 .htaccess .htpasswd

Now, you can test that you get prompted for the username and password by visiting

https://gws-access.jasmin.ac.uk/public/foobaa/
Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.