On Jul 16, 2012, at 6:42 PM, Smithies, Russell wrote:
I have a situation I’m sure others have faced but I can’t see how to solve it without hacking the src and I’d rather not do that just yet as it complicates upgrades.
We’re using Apache with NTLM and “require valid user” so it’s a corporate domain and only authorized users are allowed access. If I set “use_remote_user = True” on universe_wsgi.ini then users are denied as Apache is passing the domain and username e.g. REMOTE_USER = DOMAIN\\username I can’t use a rewrite rule to fix it from Apache because then it’s an invalid username and the user can’t log into the web, and if it’s passing DOMAIN\\username to Galaxy it doesn’t match up with the Galaxy username so I get a 403 error. Is there a hidden option to strip the domain from the login or am I going to have to start hacking?
Hi Russell, In the Apache configuration, you should be able to modify the regex here: RewriteCond %{LA-U:REMOTE_USER} (.+) To strip your domain, e.g.: RewriteCond %{LA-U:REMOTE_USER} DOMAIN\\(.+) --nate
Thanx,
Russell Smithies Infrastructure Technician Invermay Agricultural Centre Puddle Alley, Private Bag 50034, Mosgiel 9053, New Zealand T +64 3 489 3809 F +64 3 489 3739 www.agresearch.co.nz
Attention: The information contained in this message and/or attachments from AgResearch Limited is intended only for the persons or entities to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited by AgResearch Limited. If you have received this message in error, please notify the sender immediately.
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: