The collection configuration file is exactly the same as for the original demo collection apart from the authentication directives (and this description).
The authentication scheme controls access to the collection. It works in two steps. First it determines whether to restrict access to the collection as a whole or to individual documents in it, and in the latter case which documents those are (either by giving a list of private documents for which access is to be authenticated, or specifying that all documents are private except for a given list of public documents). Then for access-restricted documents it determines which user groups are to have access.
Authentication is activated by the authenticate directive with the value collection or document depending on whether authentication is to be performed on the full collection or on a per-document basis (the default value is collection). If authentication is on a document basis, then one can either specify a list of private documents (in which case all others are public) or a list of public documents (in which case all others are private) using directives private_documents or public_documents. The documents themselves are specified using Greenstone document identifiers (separated by spaces): the easiest way to determine these is to locate each document in the collection and look at the d argument in its Greenstone URL.
The auth_groups directive specifies the Greenstone groups for to which access will be permitted, if the document (or collection) is one of those that requires authentication. It is followed by a group name (or a list of group names separated by spaces). The Greenstone admin pages allow you to define groups and add members to them.
There are 5 ways to find information in this collection: