Public Welcome Page

Is there a way to have a Public Welcome Page in front of the authentication page that explains what this implementation of OnDemand does and then redirects the user to the authentication page? In our case, it would be Globus using oidc. But we want a way to intercept the user to explain our use of OnDemand before asking them to authenticate.

Hi Susan.

Thanks for the post.

We will take a look and get back with you. Please give us a few days to look at the code and determine what our options are.

Thanks,
-gerald

Hi - Has anyone had an opportunity to look into this request for information? Thanks - Susan

You can try to use the root_uri setting in the ood_portal.yml to redirect to a static page. But this will mean that / (the root of your host) won’t automatically redirect to /pun/sys/dashboard anymore, so you’ll need to set links in your custom page.

But that said - It’s really up to your identity provider in this case globus. If you use their online server, I’m not sure if you can change that.

However, it looks like if you’re using on on premise server, looks like you can customize that.

https://docs.globus.org/globus-connect-server/v5.4/globus-oidc-guide/#custom_login_page

Jeff,

Can OOD service web content before the user has authenticated? If so, what URL space would that be? It wouldn’t be serviced by the user’s pun…

If not, I guess we could have Apache service content that isn’t passed through to NGINX. Is it possible to change the base OOD url from /pun/… to /ood/pun/… (for example) so that the https://server/ page can be static Apache content and we can control when the /ood/ sub-path is actually invoked?

Sure - the public folder. We have this alias.

  Alias "/public" "/var/www/ood/public"
  <Directory "/var/www/ood/public">
    Options FollowSymLinks
    AllowOverride None
    Require all granted
  </Directory>

I believe this is what root_uri will do. The /pun URLs will still be authenticated, no need to change that.

root_uri only provides 1 functionality. Namely to redirect / to /pun/sys/dashboard. If you change this, / will redirect somewhere else and all our URLS (/pun, /node, /rnode) will continue to require authentication.

A potential approach to create a public welcome page.

  1. Change the root_uri to /ood/pun/.
  2. Change Apache to redirect https://server.com/ to https://server.com/public/welcome.html
  3. Create a custom welcome.html
  4. Have welcome.html send the user to https://server.com/ood/pun/sys/dashboard to login

Should this work?

This is what I’m suggesting.

  1. Change the root_uri to /public/welcome.html.
  2. (is handled by 1)
  3. Create a custom welcome.html — shouldn’t this be 1?
  4. Have welcome.html send the user to https://server.com/pun/sys/dashboard to login

While you can change the pun_uri to /ood/pun to change that - it will have no affect on what you’re trying to do (other than what URL to redirect to in number 4), which is to say it’s not needed here.