Sharing GWS data via HTTP

This article describes how data in GWS can be shared via HTTP. it covers:

  • What is HTTP data sharing?
  • Public access set up
  • Restricted access set up

What is HTTP data sharing?

JASMIN Group Workspaces (GWSs) can be made visible via a web browser or HTTP client by creating a  public directory and placing content inside it. The GWS manager has to contact the CEDA Helpdesk to request this service for a specific GWS.

The following section describes how to set up restricted and unrestricted access to your "public" directory. If you require access control then see the section on password-protected access below.

This facility is not to be used for hosting entire project websites, but just as a means for specific data files to be made available to a wider audience than members of a Group Workspace. Projects considering web-based solutions for a project website showcasing or disseminating their data via more complex tools should consider requesting an external tenancy in the JASMIN Community Cloud.

Public access set up

In some cases the GWS manager may want to make some files and directories available over HTTP so that users (perhaps a wider audience than just the membership of the GWS) can access the data via a web browser or other HTTP-based tools. This can be done by creating a public directory in the top-level directory of the GWS, for example:

$ cd /group_workspace/jasmin/foobaa/ 
$ mkdir public 
$ chmod -Rf 755 public

You should then contact CEDA Support and ask for this directory to be made visible via the gws-access server. The CEDA team will configure this change and your public directory will then be visible from:

http://gws-access.ceda.ac.uk/public/foobaa/

Please see the section below if you wish to control who can access the content of one or more of the sub-directories within your  public directory.

Restricted access set up

In order to restrict access to your "public" directory, and/or any sub-directories, you will need to create an ".htaccess" file within it. In turn, the ".htaccess" file must point to a ".htpasswd" file which lists the usernames and encrypted passwords that have read-access to that directory.

NOTE: This method of access control is entirely separate and independent of the SSH login accounts used on JASMIN and would be the responsibility of the GWS Manager to maintain. It is not particularly recommended as it adds complication for GWS managers and users, but is an option if really needed.

In order to create the ".htpasswd" file, you will need access to the "htpasswd" command. This is available on the following servers:

  • jasmin-xfer1.ceda.ac.uk
  • cems-xfer1.cems.rl.ac.uk

You can then create the ".htpasswd" file as follows (using the example of a Group Workspace called "foobaa"):

$ export GWS=/group_workspaces/jasmin/foobaa/ 
$ cd $GWS
$ mkdir -p public 
$ cd public
$ htpasswd -b -m -c $GWS/public/.htpasswd i_am_a_user i_am_a_password

Before this will work, you also need to create a ".htaccess" file which you could do as follows

$ cat >.htaccess <<EOL 
AuthType Basic 
AuthName "Password Required" 
AuthUserFile /group_workspaces/jasmin/foobaa/public/.htpasswd 
Require valid-user
EOL

Finally, change the permissions on these files:

$ chmod 644 .htaccess .htpasswd

Now, you can test that you get prompted for the username and password by visiting

http://gws-access.ceda.ac.uk/public/foobaa/

Still need help? Contact Us Contact Us