Hello, I managed to connect to Galaxy to LDAP ;-) Three points were blocking for me: * Being root of my virtual machine can carry out tests * I confused login / password of two LDAP, so I thought that my authentication method was not good while I was using the wrong password ... * It is better not to go through a proxy 1 - Set configuration file of Galaxy: universe_wsgi.ini to delegate user authentication to an upstream proxy Apache: Users and Security use_remote_user = True remote_user_maildomain = toulouse.inra.fr 2 - Create a file type "htaccess" file named galaxy.conf (in / etc / httpd / conf.d /): For reasons of performance and safety, it is advisable not to use a. htaccess but a galaxy.conf file in the main server configuration (Apache), because the latter will be charged a once when the server starts. With an .htaccess file, this file will be charged at each access. RewriteEngine on <Location "/galaxy"> # Define the authentication method AuthType Basic AuthName "Galaxy" AuthBasicProvider ldap AuthLDAPURL "ldap :/ / server URL: 389/..." AuthzLDAPAuthoritative off Require valid-user RequestHeader set REMOTE_USER %{AUTHENTICATE_uid}e </ Location> RewriteRule ^ / $ galaxy / galaxy / [R] RewriteRule ^ / galaxy / static / style / (. *) / var/www/html/galaxy/static/june_2007_style/blue / $ 1 [L] RewriteRule ^ / galaxy / static / scripts / (. *) /vVar / www / html / galaxy / static / scripts / packed / $ 1 [L] RewriteRule ^ / galaxy / static / (. *) / var / www / html / galaxy / static / $ 1 [L] RewriteRule ^ / galaxy / favicon.ico / var / www / html / galaxy / static / favicon.ico [L] RewriteRule ^ / galaxy / robots.txt / var / www / html / galaxy / static / robots.txt [L] RewriteRule ^ / galaxy (. *) http://ip:port $ 1 [P] As Galaxy is not installed in root directory but in a galaxy directory (var / www / html / galaxy /), so following changes are needed: 1 - Add a RewriteRule 2 - Do not go through a proxy 3 - REMOTE_USER variable is AUTHENTICATE_uid ( AUTHENTICATE_ sAMAccountName for Windows AD) 4 - To generate dynamic URLs, it is necessary to configure prefix in universe_wsgi.ini : [Filter: proxy-prefix] use = egg: # prefix PasteDeploy prefix = / galaxy [App: main] filter-with = proxy-prefix cookie_path = / galaxy If you are not root on the virtual machine, create a symlink from / etc / httpd / conf.d / to galaxy.conf 3 - Some useful checks Verify Apache version and Apache modules because each directive must have an associated module: Directive → Related module (which mod_ldap) AuthType → mod_auth_basic.so AuthBasicProvider → mod_authnz_ldap and mod_authz_ldap Rewrite (for proxy) → mod_rewrite.so RequestHeader→ mod_headers Check that the galaxy is installed on ldap using this command: ldapsearch-x-h LDAP URL : port-b "dc" When you make a modification in galaxy.conf, restart Apache (or graful). In httpd.conf, so that access management is authorized by the file. # # AccessFileName: The name of the file to look for in EACH directory # For additional configuration directives. See also the AllowOverride # Directive. # AccessFileName. Htaccess Check: Chmod 777 galaxy.conf 4 - Finally, restart run.sh (sh run.sh &) Thanks A LOT for your help, Sarah