Open Microscopy Environment

Hi everyone,

I just started my first OMOER server install and I can successfully see a login page that is asking for a username and password. There is nothing special about this install, it is exactly according to the following instructions for the server:

https://docs.openmicroscopy.org/omero/5 ... ice36.html

I then installed the web component according to the following instructions:

https://docs.openmicroscopy.org/omero/5 ... ce3.6.html

Both of those sets of instructions was successful, I then tried to create a read-write user for development and getting familiar with the OMERO environment, but I get the following error:

omero@OMERO:~$ OMERO.server/bin/omero user add alex.baasch Alex Baasch --group-name Dev-Group
Server: [localhost:4064]
Username: [omero]
Password:
Password check failed for 'omero': []
Password:
Password check failed for 'omero': []
Password:
3 incorrect password attempts
omero@OMERO:

I'm creating the user on the host server so I leave the Server and Username as the default as shown. Any thoughts on the issue.

I confirmed that I can successfully log into PSQL directly with the omero user and the password. Any help would be greatly appreciated. Thanks.

Hi Alex,

just to check some obvious points: Is 'omero' really a user in the OMERO system (in contrast to unix user)? Can you log in and create a session without performing any command, i.e. just './omero login'? Can you log in as 'root' user (again OMERO, not unix root)?

Regards,
Dominik

First off here is my PostgreSQL database informtaion:

omero@OMERO:~$ psql -d omero_database
psql (9.6.12)
Type "help" for help.

omero_database=# help
You are using psql, the command-line interface to PostgreSQL.
Type: \copyright for distribution terms
\h for help with SQL commands
\? for help with psql commands
\g or terminate with semicolon to execute query
\q to quit
omero_database=# omero
omero_database-# \du
List of roles
Role name | Attributes | Member of
-----------+------------------------------------------------------------+-----------
omero | Superuser, Create role, Create DB, Replication, Bypass RLS | {}
postgres | Superuser, Create role, Create DB, Replication, Bypass RLS | {}

omero_database-# /q
omero_database-# :q
omero_database-# exit
omero_database-# quit
omero_database-# \q
omero@OMERO:~$ psql -d omero_database -U omero -W
Password for user omero:
psql (9.6.12)
Type "help" for help.

omero_database=# \conninfo
You are connected to database "omero_database" as user "omero" via socket in "/var/run/postgresql" at port "5432".
omero_database=# \dt
omero_database=# \l
List of databases
Name | Owner | Encoding | Collate | Ctype | Access privileges
----------------+----------+----------+-------------+-------------+-----------------------
omero_database | omero | UTF8 | en_US.UTF-8 | en_US.UTF-8 |
postgres | postgres | UTF8 | en_US.UTF-8 | en_US.UTF-8 |
template0 | postgres | UTF8 | en_US.UTF-8 | en_US.UTF-8 | =c/postgres +
| | | | | postgres=CTc/postgres
template1 | postgres | UTF8 | en_US.UTF-8 | en_US.UTF-8 | =c/postgres +
| | | | | postgres=CTc/postgres
(4 rows)

omero_database=#

I granted login for the 'omero' role and I get the following:

omero_database=# \q
omero@OMERO:~$ OMERO.server/bin/omero login
Server: [localhost:4064]
Username: [omero]
Password:
Password check failed for 'omero': []
Password:

Are roles not allowed to access the OMERO application? do I need a specific user (not a role) in the omero_database? Thanks.

I was able to figure it out. I did not have any users created for the OMERO application. I created a testing group and then I was able to create users with the Linux 'root' account. I know that this breaks all security measures but my next task is to create an admin user for the OMERO application that is separate from the Linux 'root' user. Thanks for your insight, it was helpful.

I think you're still mixing up system, postgres and OMERO users. These are totally independent from eachother. On a typical installation you'd have:

- An 'omero' unix user which runs the OMERO server "[omero@omero-system bin]$ ./omero admin start".

- The 'omero_pg' user in postgres, who owns the OMERO database. You've probably created the OMERO postgres database with something like "createdb -O omero_pg omero_db", or initialized the database with "psql -U omero_pg omero_db < OME.*.sql"

- Then there's the OMERO 'root' user. You set the password for this user when running "./omero db script". This is the top admin user in the OMERO system. You can log in with this user using any of the clients, web, Insight or command line interface.

- And all the other OMERO users which you can create as admin user within the clients or the cli "./omero user add ..."

The usernames like 'omero_pg' are of course just an example, you can name them whatever you like.

You definitely should not run the OMERO server as unix root user

Regards,
Dominik