Leandro Hermida wrote:
On Thu, Apr 28, 2011 at 5:52 PM, Nate Coraor <nate@bx.psu.edu> wrote:
Leandro Hermida wrote:
Hi everyone,
Has anyone actually properly implemented remote_user_logout_href in Galaxy with external HTTP authentication? As probably those who have tried know, it is rife there doesn't seem to be a clean and robust way to do this?
It's not a Galaxy-specific issue, it's that it looks impossible to provide server-side link of some kind (which runs some script, etc.) that executes some mechanism that will clear the HTTP active login on the browser. It's impossible to do that cleanly and robustly unless someone know how to do it?
This is true of basic authentication, although not all authentication methods are using basic. For example, in the past, we've used Cosign[1] which does provide a proper logout. Also you can still do this with basic authentication, apparently the trick is to dynamically change the realm sent with the WWW-Authenticate request. I haven't looked into whether there's anything already existing for Apache/nginx which makes this easy, though. --nate [1] http://cosign.sourceforge.net/
Hi Leandro,
Other than loading in the center panel in Galaxy (which I can commit an easy fix for), are there other problems with it?
--nate
best, Leandro
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: