This is the documentation for SuperSTAR 9.8

SuperSTAR 9.9 is now available.
View this page in the SuperSTAR 9.9 documentation or visit the SuperSTAR 9.9 documentation home.

Skip to end of metadata
Go to start of metadata

You may wish to allow users to access SuperWEB2 without logging in (referred to as "guest access").

When guest access is enabled, users can access SuperWEB2 without having to provide a username and password. They can either click the Guest log in link on the login screen, or visit a special URL that bypasses the login screen altogether and takes them straight to SuperWEB2 (see below for more details).

Guest users cannot save tables or custom data.

SuperSTAR is supplied with a number of default, standard user accounts to enable you to complete the initial setup. One of the standard accounts is a guest user (username: guest, password: guest).

By default, guest access is enabled and is configured to use this account for guest access.

If you decide to keep guest access enabled on your deployment and use the default guest user account, then you are recommended to change the password for this account.

Configure Guest Access

If you want to use a different user account for guest access, you will need to complete the following configuration steps:

Step 1 - Create the Dedicated Guest User Account

If you do not want to use the default guest account, or you have deleted it, you will need to create a dedicated account for guest access.

Create the account in SuperADMIN, using the account command. For example:

> account createuser guestuser "Guest User Account" guestpassword

Once you have created the guest account, configure permissions in SuperADMIN so that it has read access to all the datasets you want guest users to see. Learn more about configuring user permissions.

Step 2 - Configure SuperWEB2

By default, SuperWEB2 is configured to use the username guest and the password guest to login when a user clicks the Guest log in option. If your guest user account has a different username and password, then you will need to update the SuperWEB2 configuration:

  1. Open <tomcat_home>\webapps\webapi\WEB-INF\web.xml in a text editor.

    Make a backup copy of this file before making any changes.

  2. Locate the following section:

        <!-- Guest user configuration -->
        <context-param>
            <description>
                This parameter defines the username to be used to connect to SuperADMIN for guest users
                It must be different to any username that has any other level of access.
            </description>
            <param-name>GuestUsername</param-name>
            <param-value>guest</param-value>
        </context-param>
        <context-param>
            <description>
               This parameter defines the password to be used to connect to SuperADMIN for guest users
            </description>
            <param-name>GuestPassword</param-name>
            <param-value>guest</param-value>
        </context-param>
  3. Update the parameter values to the username and password of the guest user account. For example:

        <!-- Guest user configuration -->
        <context-param>
            <description>
                This parameter defines the username to be used to connect to SuperADMIN for guest users
                It must be different to any username that has any other level of access.
            </description>
            <param-name>GuestUsername</param-name>
            <param-value>guestuser</param-value>
        </context-param>
        <context-param>
            <description>
               This parameter defines the password to be used to connect to SuperADMIN for guest users
            </description>
            <param-name>GuestPassword</param-name>
            <param-value>guestpassword</param-value>
        </context-param>
  4. Restart the Tomcat or SuperWEB2 service.
  5. Connect to SuperWEB2 in your browser and check that you can login as the guest user:

If a user logs in with the guest username and password (i.e., the user types those credentials into the User Name and Password boxes, rather than clicking the Guest log in option), then the guest restrictions, such as the inability to save tables or create custom groups, will not apply.

Disable Guest Access

If you do not want to allow guest access then you can disable it by doing the following:

  1. Open <tomcat_home>\webapps\webapi\login.xhtml in a text editor.

    Make a backup copy of this file before making any changes.

  2. Locate the following section:

    <tr class="loginForm-buttons">
        
    <td class="leftCol">
            <h:commandLink value="#{messages['page.login.guest.login.text']}" tabindex="0"
                           action="#{loginBean.authenticateGuest}" styleClass="guestLoginLink"/>
        </td>
        
    <td class="rightCol rightAlign">
            <h:commandButton id="login2" value="#{messages['page.login.login.button.label']}" tabindex="0"
                             action="#{loginBean.authenticate}" styleClass="activeButton"/>
        </td>
    </tr>
  3. Comment out the element that prints the guest login link:

    <tr class="loginForm-buttons">
        
    <td class="leftCol">
            <!-- <h:commandLink value="#{messages['page.login.guest.login.text']}" tabindex="0"
                           action="#{loginBean.authenticateGuest}" styleClass="guestLoginLink"/> -->
        </td>
        
    <td class="rightCol rightAlign">
            <h:commandButton id="login2" value="#{messages['page.login.login.button.label']}" tabindex="0"
                             action="#{loginBean.authenticate}" styleClass="activeButton"/>
        </td>
    </tr>
  4. Save your changes to the file.
  5. Open <tomcat_home>\webapps\webapi\WEB-INF\web.xml in a text editor and check the GuestUsername parameter to confirm which account is currently configured for guest access:

        <!-- Guest user configuration -->
        <context-param>
            <description>
                This parameter defines the username to be used to connect to SuperADMIN for guest users
                It must be different to any username that has any other level of access.
            </description>
            <param-name>GuestUsername</param-name>
            <param-value>guest</param-value>
        </context-param>

    In this example, the account with the username guest is configured for guest access.

  6. Leave the settings in web.xml unchanged, but go to SuperADMIN and delete this guest user account. For example:

    > account guest remove

    This step is necessary in order to prevent users from logging in using the special /home URL (see below).

  7. Restart Tomcat or the SuperWEB2 service.

Allow Automatic Login as Guest

Once you have configured the guest login, you can allow users to log in as guest automatically by providing them with a special URL to access SuperWEB2.

Simply append /home to the standard SuperWEB2 URL, as follows:

If the SuperWEB2 URL is...The Automatic Guest Login URL is...
http://localhost:8080/webapi/http://localhost:8080/webapi/home

Prevent Guest Users from Creating Large Tables

If you decide to allow guest user access to your system, you may wish to prevent guest users from creating large tables. See Prevent Guest Users from Creating Large Tables - SuperWEB2 for more details.

You can also apply user limits to the guest user account, as an alternative means of preventing guest users from creating large tables. See Configure User Query Limits - SuperWEB2 for more information.

Configure the Number of Concurrent Guest Users

If you choose to enable guest user access, you may wish to configure the maximum number of guest users who can connect at any one time. See Configure Concurrent User Limits - SuperWEB2 for more information.