Versions Compared

Old Version 2

changes.mady.by.user Mike Conlon

Saved on

compared with

New Version Current

changes.mady.by.user Mike Conlon

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Overview

In VIVO, the basic functions of browsing and searching are open to anyone. However, if a VIVO user wants to view restricted data, or to manage VIVO, he must log in to a User Account.

...

Each User Account has a Role assigned to it. The Role determines how much the user is authorized to do. The lowest Role will permit the user to edit his own profile page. Higher Roles permit editing additional data properties, modifying the ontologies, and administering the VIVO application.

Authentication

Internal Authentication

Every VIVO system allows users to log in to an existing User Account by supplying the Email Address and password to the account. Even in an installation that relies on external authentication, there are administrative pages that allow a user to login with Email Address and password.

External Authentication

VIVO can be configured to work with an External Authentication system like Shibboleth or CUWebAuth. In that case, the user provides whatever information the External Authentication system requires, and the External Authentication system passes an ID value to VIVO. VIVO recognizes that the user is logged in to the User Account whose "External Authentication ID" field matches that ID.

...

NOTE: To configure VIVO for an External Authentication system, please consult the Installation Guide, and refer to the section entitled ‘Using an External Authentication System with VIVO’. Note also that the value of the property (the designated External Authentication ID field) must be an exact match for the username/email of the user.

External-Only Accounts

When creating an account, an administrator may indicate that it is for external authentication only. In that case, no password is assigned to the account, since the External Authentication system manages its own passwords or other credentials.

What is a User Account?

Each User Account is identified by the user’s Email address. Each account will have the user’s first name and last name, and a role. The account will have additional information, depending on how it is used.

  • External Authentication ID – permits logging in by the External Authentication system.
    NOTE: Two User Accounts may not have the same External Authentication ID
  • Password – permits logging in by the Internal Authentication system.
  • Matching ID – can be used to associate the User Account with a profile page.

...

  • .

User Roles

In VIVO there are four user roles that can be assigned: administrator, curator, editor, and self-editor. Future releases will allow VIVO administrators to create additional roles. Permissions provided to roles will determine access options available to user accounts within VIVO. It is important to consider what a new user’s role may be, prior to setting up the new account.

...

System Administrator –- In addition to the abilities of the Curator, the Administrator may access the menu management, user accounts, and advanced data tools features. The advanced data tools section include the ingest menu, Add/Remove RDF data, RDF export, SPARQL query, and SPARQL query builder privileges.

Profile Pages

Each User Account may be matched with an Individual in the VIVO data model. The display page for that Individual is known as the “profile” for that User Account.

...

NOTE: To configure VIVO to match User Accounts with profiles, please consult the Installation Guide, and refer to the section entitled 'Specify Deployment Properties'.

The Root User Account

Each VIVO installation has a special User Account, called the root account. The root account has no Role. Nonetheless, the root account is authorized:

...

NOTE: To configure the root account, please consult the Installation Guide, and refer to the section entitled 'Specify Runtime Properties'.

Managing User Accounts

Normal workflow

In normal operation, users will receive an Email message when a VIVO account is created for them, when their password is reset by an administrator, or when the Email address on their User Account is changed. One benefit of this is that the administrator does not need to know the user’s password, and does not need to tell the user his password.

...

Note: User Accounts that are created for External Authentication do not require passwords, so no such link is sent.

Workflow without Email

Email notifications can be disabled by configuring VIVO without a “Reply-To” address. In that case, users are not notified when User Accounts are created or changed.

...

Note: To disable Email notifications, please consult the Installation Guide, and refer to the section entitled 'Specify Deployment Properties'.

External Authentication

In many VIVO installations, the creation of most User Accounts is simple and routine. A user presents credentials to the External Authentication system, and VIVO creates an account with minimal privilege, prompting the user for name and Email Address. In this case, an administrator may edit such an account to assign a higher Role, if desired.

...