Hi Martin,
what LDAP server are you using? We have tested only OpenLDAP and
ActiveDirectory, but should work on any LDAP server.

If it is OpenLDAP, I think you should use:

<search-fields>uid,mail</search-fields>
<search-filter>(&amp;(mail={email})(uid={username}))</search-filter>
<auto-register-username>{uid}</auto-register-username>

More details in:

https://github.com/galaxyproject/galaxy/blob/dev/config/auth_conf.xml.sample

Cheers,
Nicola

Il 02.09.2015 15:03 Martin Vickers ha scritto:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi All,

I've been trying to get the new LDAP module to work. It works fine for existing users but I can't get auto-register to work. In the logs I can
see the successful logins look like this;

galaxy.webapps.galaxy.controllers.user DEBUG 2015-09-02 13:35:06,130
trans.app.config.auth_config_file: ./config/auth_conf.xml
galaxy.auth.providers.ldap_ad DEBUG 2015-09-02 13:35:06,131 LDAP
authenticate: email is mj...@aber.ac.uk [1]
galaxy.auth.providers.ldap_ad DEBUG 2015-09-02 13:35:06,131 LDAP
authenticate: username is mjv08
....
galaxy.auth.providers.ldap_ad DEBUG 2015-09-02 13:35:06,235 LDAP
authentication successful

and those that are unsuccessful have a username as None, which is why
the search filter isn't working;

galaxy.auth.providers.ldap_ad DEBUG 2015-09-02 13:47:13,951 LDAP
authenticate: email is unregu...@aber.ac.uk [2]
galaxy.auth.providers.ldap_ad DEBUG 2015-09-02 13:47:13,951 LDAP
authenticate: username is None
....
galaxy.auth.providers.ldap_ad WARNING 2015-09-02 13:47:14,110 LDAP
authenticate: search returned no results

My auth_config.xml openldap authenticator looks like this (edited to
remove openldap server details);

ldap
'{email}'.endswith('@example.com')

True
Challenge
ldaps://dc1.example.com

ou=People,dc=dc1,dc=example,dc=com

cn=searchuser,ou=People,dc=dc1,dc=example,dc=com

searchuserpassword
cn,mail

(&(cn={username})(mail={email}))
{dn}
{password}

{cn}
{mail}

Are there any settings in galaxy.ini that are required to enable this to
work?

Many thanks

Martin

- --

- --
Dr. Martin Vickers

Data Manager/HPC Systems Administrator
Institute of Biological, Environmental and Rural Sciences
IBERS New Building
Aberystwyth University

w: http://www.martin-vickers.co.uk/
e: mj...@aber.ac.uk
t: 01970 62 2807
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)

iQEcBAEBAgAGBQJV5vO7AAoJEHa0a8GkKQgIJJQH/20auDZKNYOw0JfXq6y/DpY9
2d7C5e81BepLfi3b715vhuG5qtJUj+fLkI86fgKgloo/y4SqQWeni51buxs3kgSl
L0ynVeZC/hIQSSLIEUTfPomT0CIR4GdPwnegbqaWZuy3NBlq2Rj6Boc2V/6EIp1M
ARlEKeV/gK64h/cq2guTbPLdgK5vnGFCNKcsLLYCLelBmpXfjRG8z9JIa1nLa/F/
4p1KaIX+UqCTMZrGAOM2S5Fb3rfmeApcp73w6aM4RDKwdJpsfuhQhFwtkPFjfSyn
GrQM6naA/qY8m+Gtl+he6L7XczP4nFyan1JN9AcWEGtzHBappPKMeI/L7ZLoHTw=
=Cwa8
-----END PGP SIGNATURE-----


Connetti gratis il mondo con la nuova indoona: hai la chat, le chiamate, le video chiamate e persino le chiamate di gruppo.
E chiami gratis anche i numeri fissi e mobili nel mondo!
Scarica subito l’app Vai su https://www.indoona.com/


___________________________________________________________
Please keep all replies on the list by using "reply all"
in your mail client.  To manage your subscriptions to this
and other Galaxy lists, please use the interface at:
 https://lists.galaxyproject.org/

To search Galaxy mailing lists use the unified search at:
 http://galaxyproject.org/search/mailinglists/

Reply via email to