Hi Sarah: I don't know what kind of LDAP you're talking to... I'm talking to Active Directory and this configuration works in that situation. Order allow,deny allow from all AuthType Basic AuthName "NEB Credentials" AuthBasicProvider ldap AuthzLDAPAuthoritative off AuthLDAPBindDN ccalookup@neb.com AuthLDAPBindPassword <password> AuthLDAPURL "ldap://<ldap.domain.com>:389/dc=domain,dc=com?sAMAccountName" require valid-user RewriteCond %{IS_SUBREQ} ^false$ RewriteCond %{LA-U:REMOTE_USER} (.+) RewriteRule . - [E=RU:%1] RequestHeader set REMOTE_USER %{AUTHENTICATE_sAMAccountName}e -- Brad Langhorst New England Biolabs langhorst@neb.com On 1/19/12 8:59 AM, "Sarah Maman" <sarah.maman@toulouse.inra.fr> wrote:
Hello,
I'm trying to install galaxy on a apache server,and i have the same error message than David HOOVER when i tried to generate the authentification files. Thanks to David Hoover who gives me some helpful explanation.
When i read the thread on gmod, it seems,that the problem is solved (http://gmod.827538.n3.nabble.com/trouble-with-authentication-through-Apac he-td1809681.html <http://gmod.827538.n3.nabble.com/trouble-with-authentication-through-Apac he-td1809681.html>) but I did not find the solution in my case.
I use LDAP authentification and Galaxy is implemented on a VM.
Could you please explain me how to solve it. I really need help.
I modified universe file ( in galaxy-dist) and i created .htaccess file in galaxy-dist/ : * in universe_wsgi.ini:
use_remote_user = True remote_user_maildomain = example.org <http://example.org>
* in .htaccess file in galaxy-dist/ Directory :
1 <http://wiki.g2.bx.psu.edu/Admin/Config/Apache%20Proxy?highlight=%28Ldap%2 9#CA-e07a9dbbf4f816c0970d4995f4abb957a6683638_1> # Define Galaxy as a valid Proxy 2 <http://wiki.g2.bx.psu.edu/Admin/Config/Apache%20Proxy?highlight=%28Ldap%2 9#CA-e07a9dbbf4f816c0970d4995f4abb957a6683638_2> <Proxy http://localhost:8080> 3 <http://wiki.g2.bx.psu.edu/Admin/Config/Apache%20Proxy?highlight=%28Ldap%2 9#CA-e07a9dbbf4f816c0970d4995f4abb957a6683638_3> Order deny,allow 4 <http://wiki.g2.bx.psu.edu/Admin/Config/Apache%20Proxy?highlight=%28Ldap%2 9#CA-e07a9dbbf4f816c0970d4995f4abb957a6683638_4> Allow from all 5 <http://wiki.g2.bx.psu.edu/Admin/Config/Apache%20Proxy?highlight=%28Ldap%2 9#CA-e07a9dbbf4f816c0970d4995f4abb957a6683638_5> </Proxy> 6 <http://wiki.g2.bx.psu.edu/Admin/Config/Apache%20Proxy?highlight=%28Ldap%2 9#CA-e07a9dbbf4f816c0970d4995f4abb957a6683638_6> #!highlight apache 7 <http://wiki.g2.bx.psu.edu/Admin/Config/Apache%20Proxy?highlight=%28Ldap%2 9#CA-e07a9dbbf4f816c0970d4995f4abb957a6683638_7> <Location "/"> 8 <http://wiki.g2.bx.psu.edu/Admin/Config/Apache%20Proxy?highlight=%28Ldap%2 9#CA-e07a9dbbf4f816c0970d4995f4abb957a6683638_8> AuthType Basic 9 <http://wiki.g2.bx.psu.edu/Admin/Config/Apache%20Proxy?highlight=%28Ldap%2 9#CA-e07a9dbbf4f816c0970d4995f4abb957a6683638_9> AuthBasicProvider *ldap* 10 <http://wiki.g2.bx.psu.edu/Admin/Config/Apache%20Proxy?highlight=%28Ldap%2 9#CA-e07a9dbbf4f816c0970d4995f4abb957a6683638_10> Auth*LDAP*URL "*ldap*://server:389/ou=People,dc=example,dc=org?uid?sub?(objectClass=pers on)" 11 <http://wiki.g2.bx.psu.edu/Admin/Config/Apache%20Proxy?highlight=%28Ldap%2 9#CA-e07a9dbbf4f816c0970d4995f4abb957a6683638_11> Authz*LDAP*Authoritative off 12 <http://wiki.g2.bx.psu.edu/Admin/Config/Apache%20Proxy?highlight=%28Ldap%2 9#CA-e07a9dbbf4f816c0970d4995f4abb957a6683638_12> Require valid-user 13 <http://wiki.g2.bx.psu.edu/Admin/Config/Apache%20Proxy?highlight=%28Ldap%2 9#CA-e07a9dbbf4f816c0970d4995f4abb957a6683638_13> # Set the REMOTE_USER header to the contents of the *LDAP* query response's "uid" attribute 14 <http://wiki.g2.bx.psu.edu/Admin/Config/Apache%20Proxy?highlight=%28Ldap%2 9#CA-e07a9dbbf4f816c0970d4995f4abb957a6683638_14> RequestHeader set REMOTE_USER %{AUTHENTICATE_uid}e 15 <http://wiki.g2.bx.psu.edu/Admin/Config/Apache%20Proxy?highlight=%28Ldap%2 9#CA-e07a9dbbf4f816c0970d4995f4abb957a6683638_15> </Location>
with location, AuthBasicProvider and proxy competed
But i have the error :
Access to Galaxy is denied
Galaxy is configured to authenticate users via an external method (such as HTTP authentication in Apache), but a username was not provided by the upstream (proxy) server. This is generally due to a misconfiguration in the upstream server.
Thank you, and best regards
Sarah Maman
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: