Re: [galaxy-dev] External User Authenticaion

Hi Ryan, On 10/13/2015 09:50 AM, Ryan G wrote: > Hi all - In regards to external user authentication that I have working > now (see thread below). When users try to go to the actual Galaxy page, > they get the message: > > > Access to Galaxy is denied That's expected for External User

Re: [galaxy-dev] External User Authenticaion

On 10/13/2015 11:34 AM, Ryan G wrote: > We have Apache set up to authenticate users off our LDAP. If they > authenticate correctly, they are then forwarded on through the proxy. So, mod_auth_ldap? Or not? You say "forwarded" so I'm thinking you may not mean this. > > What I want is to

Re: [galaxy-dev] External User Authenticaion

Sorry, maybe I'm not being clear. Galaxy is listening on http://galaxy.mycompany.com:8080 Users access Galaxy via http://mycompay.com/galaxy If users go to http://galaxy.mycompany.com:8080, they get the External Authentication message. From here I want them to be redirected to

Re: [galaxy-dev] External User Authenticaion

Howdy Ryan, On 10/13/2015 11:44 AM, Ryan G wrote: > Sorry, maybe I'm not being clear. > > Galaxy is listening on http://galaxy.mycompany.com:8080 > > Users access Galaxy via http://mycompay.com/galaxy Ah! This is much more clear, thanks :) If you're running under remote_user, you should NOT

Re: [galaxy-dev] External User Authenticaion

We have Apache set up to authenticate users off our LDAP. If they authenticate correctly, they are then forwarded on through the proxy. What I want is to prevent users from hitting the galaxy URL directly. If they, do I want to automatically redirect them to the proxy. On Tue, Oct 13, 2015 at

Re: [galaxy-dev] External User Authenticaion

I finally got around to this and all is working well. I submitted 2 patches to remoteuser.py to assist in debugging incorrect set ups. Last question - When a user logs out, they get the page ""Access to Galaxy user controls is disabled". I've set the remote_user_logout_href parameter to a

Re: [galaxy-dev] External User Authenticaion

Yes, I have a test server I'm going to check this one. thanks for the link, that's perfect...I'll add some debugging code in here to see what's going on. On Tue, Sep 8, 2015 at 1:46 PM, Dannon Baker wrote: > Do you have a way to verify the "HTTP_MAIL" header is actually

Re: [galaxy-dev] External User Authenticaion

Do you have a way to verify the "HTTP_MAIL" header is actually being passed through your proxy server? The problem is that Galaxy still doesn't think it's receiving the expected headers, so there isn't a good way that it can tell you more about what might be going on. If you're able to tweak

[galaxy-dev] External User Authenticaion

Hi all - I'm trying to use external user authentication with Galaxy. The external authentication passes to Galaxy the username with the mail domain at HTTP_USER. In galaxy.ini, I enable: use_remote_user = True When I try to access Galaxy, I get the message: Galaxy is configured to authenticate

Re: [galaxy-dev] External User Authenticaion

Hi Ryan, It may be that Galaxy is looking for a different remote user header than your proxy is setting. I believe by default we look for HTTP_REMOTE_USER, but this is configurable in galaxy.ini (so, you could set yours to HTTP_USER there). Let me know if this doesn't sort it out for you and we