Dear list,
I have some problems using the LDAP module for registering users…
User which have been previously created by the admin user can login without any problems, but Galaxy won’t create new ones for first-time users.
Here’s my auth.conf:
<?xml version="1.0"?>
<auth>
<authenticator>
<type>ldap</type>
<filter>'{email}'.endswith('@gwdg.de')</filter>
<options>
<allow-register>False</allow-register>
<auto-register>True</auto-register>
<allow-password-change>False</allow-password-change>
<server>ldap://ldap.gwdg.de</server>
<login-use-username>True</login-use-username>
<search-fields>dn,mailAddresses,uid</search-fields>
<search-base>ou=Users,dc=gwdg,dc=de</search-base>
<search-filter>(&(uid={username})(platforms=*HPC*))</search-filter>
<search-user>cn=searchuser,ou=gwdgadm,dc=gwdg,dc=de</search-user>
<search-password>supersecretpassword</search-password>
<bind-user>{dn}</bind-user>
<bind-password>{password}</bind-password>
<auto-register-username>{uid}</auto-register-username>
<auto-register-email>{email}</auto-register-email>
</options>
</authenticator>
I already tried several different combinations of <bind-user>, <search-filter> and <auto-register-username>, but still get the following error:
galaxy.auth.providers.ldap_ad DEBUG 2016-05-26 10:30:39,675 LDAP authenticate: email is glxytest@gwdg.de
galaxy.auth.providers.ldap_ad DEBUG 2016-05-26 10:30:39,675 LDAP authenticate: username is None
galaxy.auth.providers.ldap_ad DEBUG 2016-05-26 10:30:39,675 LDAP authenticate: options are {'bind-user': '{dn}', 'search-fields': 'dn,mailAddresses,uid', 'login-use-username': 'True', 'allow-register': 'Challenge', 'auto-register-email':
'{email}', 'server': 'ldap://ldap.gwdg.de', 'auto-register': 'True', 'search-base': 'ou=Users,dc=gwdg,dc=de', 'search-filter': '(uid={username})', 'continue-on-failure': 'False', 'auto-register-username': '{uid}', 'search-password': 'supersecretpassword',
'search-user': 'cn=searchuser,ou=gwdgadm,dc=gwdg,dc=de', 'bind-password': '{password}', 'allow-password-change': 'False'}
galaxy.auth.providers.ldap_ad DEBUG 2016-05-26 10:30:39,675 LDAP authenticate: username must be used to login, cannot be None
galaxy.auth DEBUG 2016-05-26 10:30:39,675 Email: , Username , stopping due to failed non-continue
I entered „glxytest“ as user on the frontend (as I only want to use the username to log in) and it seems that the module converts that to {email} field and misses the {username} field?!
Do I have to change my galaxy.ini (mailing is not configured and user_activation_on = False) or am I missing something simple?
Thanks for any recommendations!
Jan-N. Fahrenholz-------------------GWDG-------------
Arbeitsgruppe "Nutzerservice und Betriebsdienste"
Tel. +49(0)551/201-1791
Raum C2
E-Mail:
jfahren1@gwdg.de
------------------------------------------------------------------
Gesellschaft für wissenschaftliche Datenverarbeitung mbH
Göttingen (GWDG), Am Fassberg 11, 37077 Göttingen
URL:
http://www.gwdg.de E-Mail:
gwdg@gwdg.de
Tel. +49 (0)551 201-1510 Fax +49 (0)551 201-2150
Geschäftsführer: Prof. Dr. Ramin Yahyapour
Aufsichtsratsvorsitzender: Prof. Dr. Christian Griesinger
Sitz der Gesellschaft: Göttingen
Registergericht: Göttingen Handelsregister-Nr. B 598
Zertifiziert nach ISO 9001
-----------------------------------------------------------