-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi All,
I've been trying to get the new LDAP module to work. It works fine for existing users but I can't get auto-register to work. In the logs I can see the successful logins look like this;
galaxy.webapps.galaxy.controllers.user DEBUG 2015-09-02 13:35:06,130 trans.app.config.auth_config_file: ./config/auth_conf.xml galaxy.auth.providers.ldap_ad DEBUG 2015-09-02 13:35:06,131 LDAP authenticate: email is mjv08@aber.ac.uk galaxy.auth.providers.ldap_ad DEBUG 2015-09-02 13:35:06,131 LDAP authenticate: username is mjv08 .... galaxy.auth.providers.ldap_ad DEBUG 2015-09-02 13:35:06,235 LDAP authentication successful
and those that are unsuccessful have a username as None, which is why the search filter isn't working;
galaxy.auth.providers.ldap_ad DEBUG 2015-09-02 13:47:13,951 LDAP authenticate: email is unreguser@aber.ac.uk galaxy.auth.providers.ldap_ad DEBUG 2015-09-02 13:47:13,951 LDAP authenticate: username is None .... galaxy.auth.providers.ldap_ad WARNING 2015-09-02 13:47:14,110 LDAP authenticate: search returned no results
My auth_config.xml openldap authenticator looks like this (edited to remove openldap server details);
<authenticator> <type>ldap</type> <filter>'{email}'.endswith('@example.com')</filter> <options> <auto-register>True</auto-register> <allow-register>Challenge</allow-register> <server>ldaps://dc1.example.com</server>
<search-base>ou=People,dc=dc1,dc=example,dc=com</search-base>
<search-user>cn=searchuser,ou=People,dc=dc1,dc=example,dc=com</search-user>
<search-password>searchuserpassword</search-password> <search-fields>cn,mail</search-fields>
<search-filter>(&(cn={username})(mail={email}))</search-filter> <bind-user>{dn}</bind-user> <bind-password>{password}</bind-password>
<auto-register-username>{cn}</auto-register-username> <auto-register-email>{mail}</auto-register-email> </options> </authenticator>
Are there any settings in galaxy.ini that are required to enable this to work?
Many thanks
Martin
- --
- -- Dr. Martin Vickers
Data Manager/HPC Systems Administrator Institute of Biological, Environmental and Rural Sciences IBERS New Building Aberystwyth University
w: http://www.martin-vickers.co.uk/ e: mjv08@aber.ac.uk t: 01970 62 2807