OHDSI Home | Forums | Wiki | Github

Atlas local instance: almost there

Developers
#1

All,

Need some help again. My goal is to set up a local Atlas instance, which talks to a local WebAPI instance, and backend CDM tables are existing ones.

Here is what I have so far:

  1. WebAPI local instance works fine
  2. Atlas local instance is up, but the login button/link is missing

here is how my local Atlas instance looks:

image
image3188×1406 612 KB

and here is how my local WebAPI instance looks:

image
image2122×1944 414 KB

Here are the steps I used:

  1. use this document to setup postgres database ohdsi:
  1. use this document to setup local WebAPI:
  1. use this document to connect local WebAPI to the backend CDM tables:
  1. use this document to setup local Atlas (both WebAPI and Atlas are 2.8.0):

I feel I am close to having a successful local Atlas instance now… can someone please check what part I did wrong so I don’t see the login link?

Many thanks, as always.

#2

and here is what I see when I selected Data Source in local Atlas:

image
image3186×1944 625 KB

#3

And here is the console information I captured… not much.

image
image2074×1878 466 KB

#4

Hi @liyang,

To get the login, you’ll need a few items:

  1. identify which auth method you’ll use
  2. modify the settings.xml file accordingly, ensuring this value is set:
    <security.provider>AtlasRegularSecurity</security.provider>
  3. Add the provider to the Atlas config file so that the link will appear

Did you do all 3 steps?

Thanks,
Ajit

#5

Thank you very much! I tried to follow your instructions as best as I could, and I am getting back the sign-in link, but it gives me back “bad credentials”:

image
image2458×1952 573 KB

#6

So for Active Directory authentication, I think it best to verify your settings using an LDAP browser like Apache Directory Studio. That’s what I used to figure out the proper configuration for my environment. Check to see you can connect to the search base and run a search for your user name in that tool.

#7

Thank you @Ajit_Londhe. I am not sure I can fully follow what you have said. Feels like there is still some settings is wrong.

here again is my settings.xml for WebAPI:

<settings>
<profiles>
   <profile>
    <id>webapi-postgresql</id>
    <properties>
      <datasource.driverClassName>org.postgresql.Driver</datasource.driverClassName>
      <datasource.url>jdbc:postgresql://localhost:5432/OHDSI</datasource.url>
      <datasource.username>ohdsi_app_user</datasource.username>
      <datasource.password>app1</datasource.password>
      <datasource.dialect>postgresql</datasource.dialect>
      <datasource.ohdsi.schema>webapi</datasource.ohdsi.schema>
      <flyway.datasource.driverClassName>${datasource.driverClassName}</flyway.datasource.driverClassName>
      <flyway.datasource.url>${datasource.url}</flyway.datasource.url>
      <flyway.datasource.username>ohdsi_admin_user</flyway.datasource.username>
      <flyway.datasource.password>admin1</flyway.datasource.password>
      <flyway.locations>classpath:db/migration/postgresql</flyway.locations>
      <security.enabled>false</security.enabled>
      <security.token.expiration>43200</security.token.expiration>
      <security.origin>*</security.origin>
      <server.port>8089</server.port>
      <security.ssl.enabled>false</security.ssl.enabled>
      <security.oauth.callback.ui>http://localhost/Atlas/#/welcome</security.oauth.callback.ui>
      <security.oauth.callback.api>http://localhost:8089/WebAPI/user/oauth/callback</security.oauth.callback.api>
      <security.oauth.google.apiKey></security.oauth.google.apiKey>
      <security.oauth.google.apiSecret></security.oauth.google.apiSecret>
      <security.oauth.facebook.apiKey></security.oauth.facebook.apiKey>
      <security.oauth.facebook.apiSecret></security.oauth.facebook.apiSecret>
    </properties> 
  </profile>     
  </profiles>
</settings>

and here is my config-local.js for Atlas:

define([], function () {
	
	var appConfig = {};
	appConfig.userAuthenticationEnabled=true;

	// default configuration
	appConfig.api = {
		name: 'Local',
		url: 'http://localhost:8089/WebAPI/'
	};

	appConfig.authproviders = [{

     		"name": "Active Directory LDAP",
     		"url": "user/login/ad",
     		"ajax": true,
     		"icon": "fa fa-cubes",
     		"isUseCredentialsForm": true
    	}]

	return appConfig;
});

Can spot anything wrong in these settings?

If you look at my console error message,

XML Parsing Error: no root element found
Location: http://localhost:8089/WebAPI/user/me
Line Number 1, Column 1:

XML Parsing Error: no root element found
Location: http://localhost:8089/WebAPI/user/login/ad
Line Number 1, Column 1:

looks like in the location http://localhost:8089/WebAPI/user/login/ad, the “user/login/ad” part comes from my above config-local.js. So again, feels like the setting is wrong?

#8

And looks like in src/main/java/org/ohdsi/webapi/service/UserService.java, we have the following “user/me” path:

  @GET
  @Path("user/me")

Now, what setting do I need to do make sure the following error message is gone:

XML Parsing Error: no root element found
Location: http://localhost:8089/WebAPI/user/me
Line Number 1, Column 1:

Hope this can be of some help to see the problem?

#9

For using AD, you’ll need to change the settings.xml file to be more like this. You need to enable authentication by using the value “AtlasRegularSecurity” in the security.provider tag, then configure all of the AD tags. I’ve put the pertinent items in CAPS.

<settings>
<profiles>
   <profile>
    <id>webapi-postgresql</id>
    <properties>
      <datasource.driverClassName>org.postgresql.Driver</datasource.driverClassName>
      <datasource.url>jdbc:postgresql://localhost:5432/OHDSI</datasource.url>
      <datasource.username>ohdsi_app_user</datasource.username>
      <datasource.password>app1</datasource.password>
      <datasource.dialect>postgresql</datasource.dialect>
      <datasource.ohdsi.schema>webapi</datasource.ohdsi.schema>
      <flyway.datasource.driverClassName>${datasource.driverClassName}</flyway.datasource.driverClassName>
      <flyway.datasource.url>${datasource.url}</flyway.datasource.url>
      <flyway.datasource.username>ohdsi_admin_user</flyway.datasource.username>
      <flyway.datasource.password>admin1</flyway.datasource.password>
      <flyway.locations>classpath:db/migration/postgresql</flyway.locations>
      <security.provider>AtlasRegularSecurity</security.provider>
      <security.enabled>false</security.enabled>
      <security.token.expiration>43200</security.token.expiration>
      <security.origin>*</security.origin>
      <server.port>8089</server.port>
      <security.ssl.enabled>false</security.ssl.enabled>
      <security.cors.enabled>true</security.cors.enabled>
      <security.oauth.callback.ui>http://localhost/Atlas/#/welcome</security.oauth.callback.ui>
      <security.oauth.callback.api>http://localhost:8080/WebAPI/user/oauth/callback</security.oauth.callback.api>
      <security.oauth.google.apiKey></security.oauth.google.apiKey>
      <security.oauth.google.apiSecret></security.oauth.google.apiSecret>
      <security.oauth.facebook.apiKey></security.oauth.facebook.apiKey>
      <security.oauth.facebook.apiSecret></security.oauth.facebook.apiSecret>
      <security.oauth.github.apiKey></security.oauth.github.apiKey>
      <security.oauth.github.apiSecret></security.oauth.github.apiSecret>
      <security.oid.clientId></security.oid.clientId>
      <security.oid.apiSecret></security.oid.apiSecret>
      <security.oid.url></security.oid.url>
      <security.oid.redirectUrl>http://localhost/index.html#/welcome/</security.oid.redirectUrl>
      <security.ldap.dn>cn={0},dc=example,dc=org</security.ldap.dn>
      <security.ldap.url>ldap://localhost:389</security.ldap.url>
      <security.ldap.baseDn></security.ldap.baseDn>
      <security.ldap.system.username></security.ldap.system.username>
      <security.ldap.system.password></security.ldap.system.password>
      <security.ad.url>ldap://YOUR_ACTIVE_DIRECTORY:PORT</security.ad.url>
      <security.ad.searchBase>DC=VALUE1,DC=VALUE2...</security.ad.searchBase>
      <security.ad.principalSuffix>@ORGANIZATION.com</security.ad.principalSuffix>
      <security.ad.system.username>USER_NAME</security.ad.system.username>
      <security.ad.system.password>PASSWORD</security.ad.system.password>
      <security.ad.searchFilter>OPTIONAL_SEARCH_FILTER</security.ad.searchFilter>
      <security.ad.ignore.partial.result.exception>true</security.ad.ignore.partial.result.exception>
      <security.ad.result.count.limit>30000</security.ad.result.count.limit> <!-- 0 means no limit -->
      <security.ad.default.import.group>public</security.ad.default.import.group>
      <security.ad.searchString>(&amp;(objectClass=person)(userPrincipalName=%s))</security.ad.searchString>
      <security.ad.userMapping.displaynameAttr>displayName</security.ad.userMapping.displaynameAttr>
    </profile>     
  </profiles>
</settings>
#10

thank you! will try this.

t