UI features

The administrator can manage the features that require authorized access through the UI features. Two actions are available for each feature: Edit Permission and Edit JSON .

adminui-uifeatures

Edit Permission

When it comes to editing permissions, there are three crucial aspects to consider:

Global Enablement: This setting enables the functionality for all users by default, excluding those specified in the "Exclude Users" list.
Include Users: These are the users who are allowed to access the specific function.
Exclude Users: This category comprises users who are explicitly denied access to the function.

adminui-uifeatures-edit_permission

Edit JSON

Each feature has its own unique characteristics and administrators have the right to fine-tune the configuration.

Warning

Before making any changes, it's crucial to be fully informed. It's recommended to back up the current configuration beforehand. After saving the settings, the instance will require a restart to apply the changes.

User Authentication (userProvider)

Supported Versions

Chemotion ELN	Protocol/Services
1.6 and after	OIDC, shibboleth

Setting

Once the settings have been saved, the ELN service requires a restart to apply the changes.

Configuration example:

{
  extra_rules: {
    enable: false,
    disable_signup: true,    
    disable_db_login: false  
  },  
  shibboleth: { 
    enable: false,
    uid: 'pairwise-id',
    email: 'mail',
    last_name: 'sn',
    first_name: 'givenName'
  },
  openid_connect: {
    enable: true,
    host: "oidc.address.edu",
    icon: "path/to/image.png",
    issuer: "https://oidc.address.edu/path/to/issuer",
    scheme: "https",
    client_id: "myClientID",
    redirect_uri: "https://your.chemotion_eln.address.edu/users/auth/openid_connect/callback",
    client_secret: "secret",
    token_endpoint: "/oauth2/token",
    authorization_endpoint: "/oauth2/auth"
  },
  github: {
    enable: false
    client_id: null
    client_secret: null
  }
}

OIDC Parameters

Parameter	Value
enable	`true` or `false`
host	address of the service
icon	path to a public image to display on the sign-in page
issuer	URL of the issuer
scheme	'https'
client_id	client ID
redirect_uri	your Chemotion ELN URL + '/users/auth/openid_connect/callback'
client_secret	secret
token_endpoint	'/oauth2/token'
authorization_endpoint	'/oauth2/auth'

Shibboleth Parameters

Parameters	Value
enable	`true` or `false`
uid	'pairwise-id'
email	'mail'
last_name	'sn'
first_name	'givenName'

Extra Rules Parameters

Parameters	Value
enable	`true` or `false`
disable_signup	`true` or `false`
disable_db_login	`true` or `false` (Please make sure the system has an administrator account that can log in via third-party credentials before disabling DB login.)

Edit Permission​

Edit JSON​

User Authentication (userProvider)​

OIDC Parameters​

Shibboleth Parameters​

Extra Rules Parameters​