Shantanu Pavgi wrote:
> Hi,
> 
> We have a galaxy server setup using external shibboleth authentication. While 
> we would like to have site behind authentication realm, there are instances 
> when our galaxy datasets/histories need to be accessible publicly from other 
> websites. We tried adding an exception to auth rule for /datasets  path using 
> Location directive in apache web server configuration, however galaxy server 
> returned an error as:
> 
> {{{
> Access to Galaxy is denied
> Galaxy is configured to authenticate users via an external method (such as 
> HTTP authentication in Apache), but a username was not provided by the 
> upstream (proxy) server. This is generally due to a misconfiguration in the 
> upstream server.
> }}}
> 
> Is there any way to share public histories and datasets when galaxy is using 
> external authentication mechanism? I have thought about setting up (fake) 
> anonymous REMOTE_USER variable for /datasets path, but  not sure whether this 
> is correct approach. Also, would it require any galaxy code changes? Any 
> thoughts? 

Hi Shantanu,

That's about all you can do, or modify
lib/galaxy/web/framework/middleware/remoteuser.py to let these
connections through.  I would suggest the former solution of setting a
header in Apache, but only set it if the user is not authenticated.

--nate

> 
> Thanks,
> Shantanu. 
> ___________________________________________________________
> Please keep all replies on the list by using "reply all"
> in your mail client.  To manage your subscriptions to this
> and other Galaxy lists, please use the interface at:
> 
>   http://lists.bx.psu.edu/
___________________________________________________________
Please keep all replies on the list by using "reply all"
in your mail client.  To manage your subscriptions to this
and other Galaxy lists, please use the interface at:

  http://lists.bx.psu.edu/

Reply via email to