Re: [galaxy-dev] LDAP authentification
Hi Brad, Hi Christopher,
Thanks a lot.
I'm talking to Open LDAP. I have changed
RequestHeader set REMOTE_USER %{AUTHENTICATE_uid}e
to
RequestHeader set REMOTE_USER %{AUTHENTICATE_UID}e
But I always have the same message /(Access to Galaxy is denied
Galaxy is configured to authenticate users via an external method (such
as HTTP authentication in Apache), but a username was not provided by
the upstream (proxy) server. This is generally due to a misconfiguration
in the upstream server. )/
This is my .conf file :
<Proxy http://localhost:8080>
Order deny,allow
Allow from all
</Proxy>
RewriteEngine on
<Location "/">
AuthType Basic
AuthName Galaxy
AuthBasicProvider ldap
AuthLDAPURL
"ldap://server/ou=People,ou=genopole,ou=toulouse,o=inra,c=fr?u
id?sub?(objectClass=person)"
AuthzLDAPAuthoritative off
Require valid-user
# Take the $REMOTE_USER environment variable and set it
as a header in the proxy request.
#RewriteCond %{IS_SUBREQ} ^false$
#RewriteCond %{LA-U:REMOTE_USER} (.+)
#RewriteRule . - [E=RU:%1]
#RequestHeader set REMOTE_USER %{RU}e
RequestHeader set REMOTE_USER %{AUTHENTICATE_UID}e
</Location>
Thanks in advance,
Sarah
Langhorst, Brad a écrit :
Hi Sarah:
I don't know what kind of LDAP you're talking to... I'm talking to Active
Directory and this configuration works in that situation.
Order allow,deny
allow from all
AuthType Basic
AuthName "NEB Credentials"
AuthBasicProvider ldap
AuthzLDAPAuthoritative off
AuthLDAPBindDN ccalookup(a)neb.com
AuthLDAPBindPassword <password>
AuthLDAPURL
"ldap://<ldap.domain.com>:389/dc=domain,dc=com?sAMAccountName"
require valid-user
RewriteCond %{IS_SUBREQ} ^false$
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule . - [E=RU:%1]
RequestHeader set REMOTE_USER
%{AUTHENTICATE_sAMAccountName}e