What you are trying to do is actually very rare at this time, although we anticipate growing interest in this area.
You can use BASIC AUTHENTICATION in your track line bigDataUrl=https://user:passw...@myserver/test.bigWig where user and password are URL-encoded in case they themselves contain certain punctuation chars. HTTPS protects the user and password from snooping when the ucsc browser cgi is accessing the data. You can make click-able URLs that automatically achieve the same thing as filling out the form to create a custom track. I won't go into that here, as it has been covered in the mailinglist archives several times. However, to protect your URLs themselves, you can put them on a webpage that is itself behind some secure area with authentication, so that only YOUR users can get to it. We can not guarantee complete security from end to end. I suggest you make the account above used to access the "big" data be of limited capability, such as read-only, and created expressly for this purpose. -Galt Maxim wrote: > Hi, > > > I'm respondible for a small facility that provides bioinformatics analysis > for a small number of groups. One aspect is the analysis of ChIP-Seq data. > For the purpose of visualization I decided to use your browser and remote > bigWig files hosted on our server. I managed to display such remote bigWig > files and I found this to happen very nicely and most importantly to work in > very fast way. My question is related to security issues as well as how to > automate the upload of the data . Right now I host the data to be displayed > at a place, which is not protected at all. On the long run I would like to > generate a group-specific (protected - login required) HTML-page that > displays all the available tracks for a specific customer/group which upon > clicking the respective link should get displayed at UCSC browser. > Unfortunately I do not know how to generate such an automated link which > would require to autofill the configuration field in the " manage custom > tracks" form like in my case: > > track type=bigWig name="My Big Wig" description="A Graph of Data from My > Lab" bigDataUrl=http://myserver/test.bigWig > > Is there a method to do this type of autofilling the form? I saw this link > and it does at least something similar : > http://dir.nhlbi.nih.gov/papers/lmi/epigenomes/hgtcell.aspx , unfortunately > this group uses vstep wiggle files which I thought might be not as suitable > as bigWig files. Additonally the file contains in the header section lots of > information (trackname etc) which I think is not suitable for security > reasons. I reasoned that a bigWig file does not do so, but rather the track > configuration comes from somewhere else. This sounds a little safer to me. > > 2nd this still would implicate that the data to be upoaded has to be located > at a plcae accessible for every internet user. Is there a way to provide > additional login information in order to allow access only to authenticated > users and still allows to establish a connection of such a file from your > server? > > > I guess that such a setup is quite common to other users of your > browser/server, therefore you might already know the answer to my question > or perhaps might point me at others users that run a similar configuration. > In any case I appreciate any helping advice on this topic. > > Best regards > > Maxim > _______________________________________________ > Genome maillist - [email protected] > https://lists.soe.ucsc.edu/mailman/listinfo/genome _______________________________________________ Genome maillist - [email protected] https://lists.soe.ucsc.edu/mailman/listinfo/genome
