To answer my own question after testing various front-end auth setups it
looks like REMOTE_USER must be the email address, and what's nice about LDAP
is that you can have users authenticate with a username or other ID that is
not the email address and still return the email address to Galaxy, if
anyone needs help with such an LDAP configuration please ask me I have it
working with Apache mod_authnz_ldap against Active Directory.
On Fri, Apr 8, 2011 at 7:07 PM, Leandro Hermida
> When returning REMOTE_USER env var from the external authentication method
> does it have to be an email address for Galaxy? The docs aren't very clear
> on that, in the main External Authentication section it says you have to
> have to set remote_user_maildomain if you aren't return an email address
> (and the domain will be appended it seems) but in the mod_authnz_ldap
> section it says you are allowed to set any attribute to return as
Please keep all replies on the list by using "reply all"
in your mail client. To manage your subscriptions to this
and other Galaxy lists, please use the interface at: