I'm not using a virtual host. Apache is just there as a proxy. I tried the rewrite rules below... I get a redirect from 80 to 443 as expected for the ldap authentication. After authenticating I do not get redirected to 8080 for galaxy. I've tried a few different ways and always get that. I'll dig in tomorrow morning and after some coffee to see if I can figure it out. It's probably worth posting the solution in the docs. -----Original Message----- From: Kandalaft, Iyad [mailto:Iyad.Kandalaft@AGR.GC.CA] Sent: Monday, August 25, 2014 8:42 PM To: Eric Rasche; Shrum, Donald C Cc: galaxy-dev@lists.bx.psu.edu Subject: RE: [galaxy-dev] ssl proxy Hi Eric I'm not sure that he is using a virtual host on 443. I suppose that a "redirect permanent" would work in either case, but I was thinking along the lines of: RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] RewriteRule ^/static/style/(.*) /panfs/storage.local/opt/galaxy-dist/static/june_2007_style/blue/$1 [L] RewriteRule ^/static/scripts/(.*) /panfs/storage.local/opt/galaxy-dist/static/scripts/packed/$1 [L] RewriteRule ^/static/(.*) /panfs/storage.local/opt/galaxy-dist/static/$1 [L] RewriteRule ^/favicon.ico /panfs/storage.local/opt/galaxy-dist/static/favicon.ico [L] RewriteRule ^/robots.txt /panfs/storage.local/opt/galaxy-dist/static/robots.txt [L] RewriteRule ^(.*) http://144.174.51.187:8080$1 [P] What do you think? Iyad Kandalaft Bioinformatics Programmer Microbial Biodiversity Bioinformatics Science & Technology Branch Agriculture & Agri-Food Canada Iyad.Kandalaft@agr.gc.ca | (613) 759-1228 ________________________________ From: galaxy-dev-bounces@lists.bx.psu.edu [galaxy-dev-bounces@lists.bx.psu.edu] on behalf of Eric Rasche [rasche.eric@yandex.ru] Sent: August 25, 2014 4:21 PM To: DCShrum@admin.fsu.edu Cc: galaxy-dev@lists.bx.psu.edu Subject: Re: [galaxy-dev] ssl proxy We use: <VirtualHost *:80> ServerName <our.server.fqdn> DocumentRoot "/var/www/" <Directory "/var/www/"> Options Indexes FollowSymLinks MultiViews AllowOverride None Require all granted </Directory> Redirect permanent / https://<UrlBlockedError.aspx><our.server.fqdn>/ </VirtualHost> Ours is managed with puppet so I've tried to redact the non-relevant blocks, but that should work for you. Cheers, Eric On 08/25/2014 03:03 PM, Shrum, Donald C wrote:
Hi all,
I have a galaxy install with an apache proxy and ldap authentication.
<Location /> RequestHeader set X-URL-SCHEME https AuthBasicProvider ldap Other stuff.... </Location>
RewriteEngine on RewriteRule ^/static/style/(.*) /panfs/storage.local/opt/galaxy-dist/static/june_2007_style/blue/$1 [L] RewriteRule ^/static/scripts/(.*) /panfs/storage.local/opt/galaxy-dist/static/scripts/packed/$1 [L] RewriteRule ^/static/(.*) /panfs/storage.local/opt/galaxy-dist/static/$1 [L] RewriteRule ^/favicon.ico /panfs/storage.local/opt/galaxy-dist/static/favicon.ico [L] RewriteRule ^/robots.txt /panfs/storage.local/opt/galaxy-dist/static/robots.txt [L] RewriteRule ^(.*) http://144.174.51.187:8080$1 [P]
What is the best way to manage the redirect from http to https for the authentication?
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: http://lists.bx.psu.edu/
To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/
Eric Rasche Programmer II Center for Phage Technology Texas A&M University College Station, TX 77843 404-692-2048 <tel:4046922048> esr@tamu.edu<mailto:esr@tamu.edu> <mailto:esr@tamu.edu><mailto:esr@tamu.edu> -- Eric Rasche Programmer II Center for Phage Technology Texas A&M University College Station, TX 77843 404-692-2048 esr@tamu.edu<mailto:esr@tamu.edu> rasche.eric@yandex.ru<mailto:rasche.eric@yandex.ru>