Hi list,
I would like to enable a multiple search on (Open)LDAP to check if a user
is also a member of a specific "galaxy" group. I did not find anything
about this in the documentation.
Indeed, we do not want that all the LDAP users to be able to login to
galaxy and we do not want to change the LDAP structure because it is
already used by many applications.
I have a complex search-filter which is:
<search-filter>(|(&(mail={email})(uid={username}))(&(cn=galaxy)(objectClass=posixGroup)(memberUid={username})))</search-filter>
However, this search filter gave me two answers. It is normal because I am
searching for the user, and then, if he belongs to a particular
(posix)group. So the bind failed (because it needs only one answer).
The basic one (to only bind) is working:
<search-filter>(&(mail={email})(uid={username}))</search-filter>
I also tried with 2 search-filter conditions but galaxy seems to keep only
the last one.
Is there any project to allow that in the (near) future versions (*) ? Or
is there any hidden xml tag (not in documentation) which can permit to
search the memberUid/memberOf value in LDAP ?
In the meantime we will change the default quota (like just some bytes) for
users to allow LDAP login (for all users already present in it).
Best,
Remy
(*) Alternatively, what code should I change in Galaxy ? I would be happy
to program it if I have enough time...
___________________________________________________________
Please keep all replies on the list by using "reply all"
in your mail client. To manage your subscriptions to this
and other Galaxy lists, please use the interface at:
https://lists.galaxyproject.org/
To search Galaxy mailing lists use the unified search at:
http://galaxyproject.org/search/mailinglists/
