Hi Nate, 

We have an extra proxy entry for the path galaxy/api, where we also require 
ldap authentication. When I now remove this, the problem with the javascript 
popup is solved and the web is working perfectly fine. 
But now my API is not secured anymore, and this is clearly not what we want. Is 
there a way around that? Or do I just don't get the point? 

My proxy config is: 

RewriteEngine on
RewriteRule ^/galaxy$ /galaxy/ [R]
RewriteRule ^/galaxy/static/style/(.*) 
/g/funcgen/galaxy/static/june_2007_style/blue/$1 [L]
RewriteRule ^/galaxy/static/(.*) /g/funcgen/galaxy/static/$1 [L]
RewriteRule ^/galaxy/images/(.*) /g/funcgen/galaxy/static/images/$1 [L]
RewriteRule ^/galaxy/upload/(.*) /g/funcgen/galaxy/static/automated_upload/$1 
[L]
RewriteRule ^/galaxy/favicon.ico /g/funcgen/galaxy/static/favicon.ico [L]
RewriteRule ^/galaxy/robots.txt /g/funcgen/galaxy/static/robots.txt [L]
RewriteRule ^/galaxy(.*) http://localhost:8080$1 [P]

<Location /galaxy>
        AuthName "Galaxy"
        AuthType Basic
        AuthBasicProvider ldap
        AuthLDAPURL "ldap:/<ldap>"
        AuthzLDAPAuthoritative off
        Require valid-user
</Location>

<Location /galaxy/api>
        AuthName "Galaxy (API)"
        AuthType Basic
        AuthBasicProvider ldap
        AuthLDAPURL "ldap://<ldap>"
        AuthzLDAPAuthoritative off
        Satisfy any
        Allow from all
</Location>

<Directory /g/funcgen/galaxy/static/automated_upload>
        AllowOverride Options FileInfo
</Directory>

RequestHeader set REMOTE_USER %{AUTHENTICATE_uid}e


THanks a lot for your help! 

Cheers, 

Sajoscha


On Jan 28, 2013, at 8:35 PM, Nate Coraor wrote:

> Hi Brad and Sajoscha,
> 
> Is there any chance that your proxy configurations are not passing the 
> username in the REMOTE_USER header when the request is to an /api path?  
> Could you provide the relevant portions of your proxy server configs?
> 
> Thanks,
> --nate
> 
> On Jan 28, 2013, at 7:12 AM, Langhorst, Brad wrote:
> 
>> Hi Sajoscha:
>> 
>> I have exactly the same problem… it started about a month ago.
>> 
>> Also with external ldap auth.
>> 
>> I have not yet investigated in detail, since it's not crippling - just 
>> annoying.
>> 
>> Brad
>> 
>> 
>> On Jan 28, 2013, at 6:38 AM, Sajoscha Sauer <sa...@embl.de>
>> wrote:
>> 
>>> Hi list, 
>>> 
>>> I have a weird problem after updating to the latest version. 
>>> 
>>> After doing the update as usual, the history panel is not updating 
>>> automatically anymore. And when I press refresh, I get an javascript popup 
>>> saying: 
>>> 
>>> Error getting history updates from the server.
>>> Forbidden
>>> 
>>> 
>>> Also, in the log I see the following: 
>>> 
>>> galaxy.web.framework WARNING 2013-01-28 12:30:01,673 User logged in as 
>>> '(null)' externally, but has a cookie as 'sa...@embl.de' invalidating 
>>> session
>>> 
>>> 
>>> We are using LDAP to connect to Galaxy, but I don't know if this has 
>>> something to do with the problem. As I said, it was working perfectly fine 
>>> before the update. 
>>> 
>>> Does someone know the problem or has any ideas? 
>>> 
>>> Thanks for your help, 
>>> 
>>> Sajoscha
>>> 
>>> 
>>> 
>>> ___________________________________________________________
>>> Please keep all replies on the list by using "reply all"
>>> in your mail client.  To manage your subscriptions to this
>>> and other Galaxy lists, please use the interface at:
>>> 
>>> http://lists.bx.psu.edu/
>> 
>> --
>> Brad Langhorst
>> langho...@neb.com
>> 
>> 
>> 
>> 
>> 
>> 
>> ___________________________________________________________
>> Please keep all replies on the list by using "reply all"
>> in your mail client.  To manage your subscriptions to this
>> and other Galaxy lists, please use the interface at:
>> 
>> http://lists.bx.psu.edu/
>> 
> 


___________________________________________________________
Please keep all replies on the list by using "reply all"
in your mail client.  To manage your subscriptions to this
and other Galaxy lists, please use the interface at:

  http://lists.bx.psu.edu/

Reply via email to