Hi Martin, what LDAP server are you using? We have tested only OpenLDAP and ActiveDirectory, but should work on any LDAP server. If it is OpenLDAP, I think you should use: <search-fields>uid,mail</search-fields> <search-filter>(&(mail={email})(uid={username}))</search-filter> <auto-register-username>{uid}</auto-register-username> More details in: https://github.com/galaxyproject/galaxy/blob/dev/config/auth_conf.xml.sample Cheers, Nicola Il 02.09.2015 15:03 Martin Vickers ha scritto:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi All,
I've been trying to get the new LDAP module to work. It works fine for existing users but I can't get auto-register to work. In the logs I can see the successful logins look like this;
galaxy.webapps.galaxy.controllers.user DEBUG 2015-09-02 13:35:06,130 trans.app.config.auth_config_file: ./config/auth_conf.xml galaxy.auth.providers.ldap_ad DEBUG 2015-09-02 13:35:06,131 LDAP authenticate: email is mjv08@aber.ac.uk [1] galaxy.auth.providers.ldap_ad DEBUG 2015-09-02 13:35:06,131 LDAP authenticate: username is mjv08 .... galaxy.auth.providers.ldap_ad DEBUG 2015-09-02 13:35:06,235 LDAP authentication successful
and those that are unsuccessful have a username as None, which is why the search filter isn't working;
galaxy.auth.providers.ldap_ad DEBUG 2015-09-02 13:47:13,951 LDAP authenticate: email is unreguser@aber.ac.uk [2] galaxy.auth.providers.ldap_ad DEBUG 2015-09-02 13:47:13,951 LDAP authenticate: username is None .... galaxy.auth.providers.ldap_ad WARNING 2015-09-02 13:47:14,110 LDAP authenticate: search returned no results
My auth_config.xml openldap authenticator looks like this (edited to remove openldap server details);
ldap '{email}'.endswith('@example.com')
True Challenge ldaps://dc1.example.com
ou=People,dc=dc1,dc=example,dc=com
cn=searchuser,ou=People,dc=dc1,dc=example,dc=com
searchuserpassword cn,mail
(&(cn={username})(mail={email})) {dn} {password}
{cn} {mail}
Are there any settings in galaxy.ini that are required to enable this to work?
Many thanks
Martin
- --
- -- Dr. Martin Vickers
Data Manager/HPC Systems Administrator Institute of Biological, Environmental and Rural Sciences IBERS New Building Aberystwyth University
w: http://www.martin-vickers.co.uk/ e: mjv08@aber.ac.uk t: 01970 62 2807 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux)
iQEcBAEBAgAGBQJV5vO7AAoJEHa0a8GkKQgIJJQH/20auDZKNYOw0JfXq6y/DpY9 2d7C5e81BepLfi3b715vhuG5qtJUj+fLkI86fgKgloo/y4SqQWeni51buxs3kgSl L0ynVeZC/hIQSSLIEUTfPomT0CIR4GdPwnegbqaWZuy3NBlq2Rj6Boc2V/6EIp1M ARlEKeV/gK64h/cq2guTbPLdgK5vnGFCNKcsLLYCLelBmpXfjRG8z9JIa1nLa/F/ 4p1KaIX+UqCTMZrGAOM2S5Fb3rfmeApcp73w6aM4RDKwdJpsfuhQhFwtkPFjfSyn GrQM6naA/qY8m+Gtl+he6L7XczP4nFyan1JN9AcWEGtzHBappPKMeI/L7ZLoHTw= =Cwa8 -----END PGP SIGNATURE-----
Connetti gratis il mondo con la nuova indoona: hai la chat, le chiamate, le video chiamate e persino le chiamate di gruppo. E chiami gratis anche i numeri fissi e mobili nel mondo! Scarica subito l’app Vai su https://www.indoona.com/