On Feb 5, 2013, at 4:29 PM, Carlos Borroto wrote:
Hi,
I would like to use Apache LDAP to authenticate a local toolshed. Configuring community_wsgi.ini wasn't a problem and I can now login into the local toolshed with my institution active directory credentials. The same way I do for the local Galaxy. I did have to add remote_user_maildomain as it wasn't there and I needed it. Maybe this is something that could be added in the next release.
The problem is when I try to install a tool from this toolshed I get:
URL: http://galaxy-bfx.brel.local/admin_toolshed/prepare_for_install?tool_shed_url=http://toolshed-bfx.brel.local/&repository_ids=ee9b707789bf4714&changeset_revisions=3cc82d4e406c File '/local/opt/galaxy/galaxy-dist/eggs/WebError-0.8a-py2.6.egg/weberror/evalexception/middleware.py', line 364 in respond app_iter = self.application(environ, detect_start_response) File '/local/opt/galaxy/galaxy-dist/eggs/Paste-1.6-py2.6.egg/paste/debug/prints.py', line 98 in __call__ environ, self.app) File '/local/opt/galaxy/galaxy-dist/eggs/Paste-1.6-py2.6.egg/paste/wsgilib.py', line 539 in intercept_output app_iter = application(environ, replacement_start_response) File '/local/opt/galaxy/galaxy-dist/eggs/Paste-1.6-py2.6.egg/paste/recursive.py', line 80 in __call__ return self.application(environ, start_response) File '/local/opt/galaxy/galaxy-dist/lib/galaxy/web/framework/middleware/remoteuser.py', line 91 in __call__ return self.app( environ, start_response ) File '/local/opt/galaxy/galaxy-dist/eggs/Paste-1.6-py2.6.egg/paste/httpexceptions.py', line 632 in __call__ return self.application(environ, start_response) File '/local/opt/galaxy/galaxy-dist/lib/galaxy/web/framework/base.py', line 160 in __call__ body = method( trans, **kwargs ) File '/local/opt/galaxy/galaxy-dist/lib/galaxy/web/framework/__init__.py', line 208 in decorator return func( self, trans, *args, **kwargs ) File '/local/opt/galaxy/galaxy-dist/lib/galaxy/webapps/galaxy/controllers/admin_toolshed.py', line 1177 in prepare_for_install response = urllib2.urlopen( url ) File '/usr/lib64/python2.6/urllib2.py', line 126 in urlopen return _opener.open(url, data, timeout) File '/usr/lib64/python2.6/urllib2.py', line 397 in open response = meth(req, response) File '/usr/lib64/python2.6/urllib2.py', line 510 in http_response 'http', request, response, code, msg, hdrs) File '/usr/lib64/python2.6/urllib2.py', line 435 in error return self._call_chain(*args) File '/usr/lib64/python2.6/urllib2.py', line 369 in _call_chain result = func(*args) File '/usr/lib64/python2.6/urllib2.py', line 518 in http_error_default raise HTTPError(req.get_full_url(), code, msg, hdrs, fp) HTTPError: HTTP Error 401: Authorization Required
Is there any trick I could do with Apache to let this go through?
This is my current Apache configuration:
<VirtualHost *:80> ServerAdmin carlos.borroto@gmail.com ServerName toolshed-bfx.brel.local:80
<Proxy http://localhost:9009> Order deny,allow Allow from all </Proxy> RewriteEngine on <Location "/"> AuthName "Galaxy Toolshed BFX" AuthType Basic AuthBasicAuthoritative off AuthBasicProvider ldap AuthzLDAPAuthoritative off AuthLDAPURL "ldap://ad.brel.local/OU=BREL,DC=brel,DC=local?sAMAccountName?sub" AuthLDAPBindDN "MASKED" AuthLDAPBindPassword "MASKED"
Hi Carlos, You'll need something here like: Satisfy Any Order deny,allow Deny from all Allow from your.galaxy.server --nate
Require valid-user # Set the REMOTE_USER header to the contents of the LDAP query response's "uid" attribute RequestHeader set REMOTE_USER %{AUTHENTICATE_sAMAccountName}e
XSendFile on XSendFilePath / </Location> RewriteRule ^/static/style/(.*) /local/opt/galaxy/galaxy-dist/static/june_2007_style/blue/$1 [L] RewriteRule ^/static/scripts/(.*) /local/opt/galaxy/galaxy-dist/static/scripts/packed/$1 [L] RewriteRule ^/static/(.*) /local/opt/galaxy/galaxy-dist/static/$1 [L] RewriteRule ^/favicon.ico /local/opt/galaxy/galaxy-dist/static/favicon.ico [L] RewriteRule ^/robots.txt /local/opt/galaxy/galaxy-dist/static/robots.txt [L] RewriteRule ^(.*) http://localhost:9009$1 [P]
ErrorLog logs/toolshed-bfx.brel.local-error_log CustomLog logs/toolshed-bfx.brel.local-access_log common </VirtualHost>
As always any help will be highly appreciated, Thanks, Carlos ___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: