On Feb 5, 2013, at 4:29 PM, Carlos Borroto wrote:

> Hi,
> 
> I would like to use Apache LDAP to authenticate a local toolshed.
> Configuring community_wsgi.ini wasn't a problem and I can now login
> into the local toolshed with my institution active directory
> credentials. The same way I do for the local Galaxy. I did have to add
> remote_user_maildomain as it wasn't there and I needed it. Maybe this
> is something that could be added in the next release.
> 
> The problem is when I try to install a tool from this toolshed I get:
> 
> URL: 
> http://galaxy-bfx.brel.local/admin_toolshed/prepare_for_install?tool_shed_url=http://toolshed-bfx.brel.local/&repository_ids=ee9b707789bf4714&changeset_revisions=3cc82d4e406c
> File 
> '/local/opt/galaxy/galaxy-dist/eggs/WebError-0.8a-py2.6.egg/weberror/evalexception/middleware.py',
> line 364 in respond
>  app_iter = self.application(environ, detect_start_response)
> File 
> '/local/opt/galaxy/galaxy-dist/eggs/Paste-1.6-py2.6.egg/paste/debug/prints.py',
> line 98 in __call__
>  environ, self.app)
> File 
> '/local/opt/galaxy/galaxy-dist/eggs/Paste-1.6-py2.6.egg/paste/wsgilib.py',
> line 539 in intercept_output
>  app_iter = application(environ, replacement_start_response)
> File 
> '/local/opt/galaxy/galaxy-dist/eggs/Paste-1.6-py2.6.egg/paste/recursive.py',
> line 80 in __call__
>  return self.application(environ, start_response)
> File 
> '/local/opt/galaxy/galaxy-dist/lib/galaxy/web/framework/middleware/remoteuser.py',
> line 91 in __call__
>  return self.app( environ, start_response )
> File 
> '/local/opt/galaxy/galaxy-dist/eggs/Paste-1.6-py2.6.egg/paste/httpexceptions.py',
> line 632 in __call__
>  return self.application(environ, start_response)
> File '/local/opt/galaxy/galaxy-dist/lib/galaxy/web/framework/base.py',
> line 160 in __call__
>  body = method( trans, **kwargs )
> File '/local/opt/galaxy/galaxy-dist/lib/galaxy/web/framework/__init__.py',
> line 208 in decorator
>  return func( self, trans, *args, **kwargs )
> File 
> '/local/opt/galaxy/galaxy-dist/lib/galaxy/webapps/galaxy/controllers/admin_toolshed.py',
> line 1177 in prepare_for_install
>  response = urllib2.urlopen( url )
> File '/usr/lib64/python2.6/urllib2.py', line 126 in urlopen
>  return _opener.open(url, data, timeout)
> File '/usr/lib64/python2.6/urllib2.py', line 397 in open
>  response = meth(req, response)
> File '/usr/lib64/python2.6/urllib2.py', line 510 in http_response
>  'http', request, response, code, msg, hdrs)
> File '/usr/lib64/python2.6/urllib2.py', line 435 in error
>  return self._call_chain(*args)
> File '/usr/lib64/python2.6/urllib2.py', line 369 in _call_chain
>  result = func(*args)
> File '/usr/lib64/python2.6/urllib2.py', line 518 in http_error_default
>  raise HTTPError(req.get_full_url(), code, msg, hdrs, fp)
> HTTPError: HTTP Error 401: Authorization Required
> 
> 
> Is there any trick I could do with Apache to let this go through?
> 
> 
> This is my current Apache configuration:
> 
> <VirtualHost *:80>
>    ServerAdmin carlos.borr...@gmail.com
>    ServerName toolshed-bfx.brel.local:80
> 
>    <Proxy http://localhost:9009>
>        Order deny,allow
>        Allow from all
>    </Proxy>
>    RewriteEngine on
>    <Location "/">
>        AuthName "Galaxy Toolshed BFX"
>        AuthType Basic
>        AuthBasicAuthoritative off
>        AuthBasicProvider ldap
>        AuthzLDAPAuthoritative off
>        AuthLDAPURL
> "ldap://ad.brel.local/OU=BREL,DC=brel,DC=local?sAMAccountName?sub";
>        AuthLDAPBindDN "MASKED"
>        AuthLDAPBindPassword "MASKED"

Hi Carlos,

You'll need something here like:

    Satisfy Any
    Order deny,allow
    Deny from all
    Allow from your.galaxy.server

--nate

>        Require valid-user
>        # Set the REMOTE_USER header to the contents of the LDAP query
> response's "uid" attribute
>        RequestHeader set REMOTE_USER %{AUTHENTICATE_sAMAccountName}e
> 
>        XSendFile on
>        XSendFilePath /
>    </Location>
>    RewriteRule ^/static/style/(.*)
> /local/opt/galaxy/galaxy-dist/static/june_2007_style/blue/$1 [L]
>    RewriteRule ^/static/scripts/(.*)
> /local/opt/galaxy/galaxy-dist/static/scripts/packed/$1 [L]
>    RewriteRule ^/static/(.*) /local/opt/galaxy/galaxy-dist/static/$1 [L]
>    RewriteRule ^/favicon.ico
> /local/opt/galaxy/galaxy-dist/static/favicon.ico [L]
>    RewriteRule ^/robots.txt /local/opt/galaxy/galaxy-dist/static/robots.txt 
> [L]
>    RewriteRule ^(.*) http://localhost:9009$1 [P]
> 
>    ErrorLog logs/toolshed-bfx.brel.local-error_log
>    CustomLog logs/toolshed-bfx.brel.local-access_log common
> </VirtualHost>
> 
> As always any help will be highly appreciated,
> Thanks,
> Carlos
> ___________________________________________________________
> Please keep all replies on the list by using "reply all"
> in your mail client.  To manage your subscriptions to this
> and other Galaxy lists, please use the interface at:
> 
>  http://lists.bx.psu.edu/


___________________________________________________________
Please keep all replies on the list by using "reply all"
in your mail client.  To manage your subscriptions to this
and other Galaxy lists, please use the interface at:

  http://lists.bx.psu.edu/

Reply via email to