Hi Nate, We have an extra proxy entry for the path galaxy/api, where we also require ldap authentication. When I now remove this, the problem with the javascript popup is solved and the web is working perfectly fine. But now my API is not secured anymore, and this is clearly not what we want. Is there a way around that? Or do I just don't get the point? My proxy config is: RewriteEngine on RewriteRule ^/galaxy$ /galaxy/ [R] RewriteRule ^/galaxy/static/style/(.*) /g/funcgen/galaxy/static/june_2007_style/blue/$1 [L] RewriteRule ^/galaxy/static/(.*) /g/funcgen/galaxy/static/$1 [L] RewriteRule ^/galaxy/images/(.*) /g/funcgen/galaxy/static/images/$1 [L] RewriteRule ^/galaxy/upload/(.*) /g/funcgen/galaxy/static/automated_upload/$1 [L] RewriteRule ^/galaxy/favicon.ico /g/funcgen/galaxy/static/favicon.ico [L] RewriteRule ^/galaxy/robots.txt /g/funcgen/galaxy/static/robots.txt [L] RewriteRule ^/galaxy(.*) http://localhost:8080$1 [P] <Location /galaxy> AuthName "Galaxy" AuthType Basic AuthBasicProvider ldap AuthLDAPURL "ldap:/<ldap>" AuthzLDAPAuthoritative off Require valid-user </Location> <Location /galaxy/api> AuthName "Galaxy (API)" AuthType Basic AuthBasicProvider ldap AuthLDAPURL "ldap://<ldap>" AuthzLDAPAuthoritative off Satisfy any Allow from all </Location> <Directory /g/funcgen/galaxy/static/automated_upload> AllowOverride Options FileInfo </Directory> RequestHeader set REMOTE_USER %{AUTHENTICATE_uid}e THanks a lot for your help! Cheers, Sajoscha On Jan 28, 2013, at 8:35 PM, Nate Coraor wrote:
Hi Brad and Sajoscha,
Is there any chance that your proxy configurations are not passing the username in the REMOTE_USER header when the request is to an /api path? Could you provide the relevant portions of your proxy server configs?
Thanks, --nate
On Jan 28, 2013, at 7:12 AM, Langhorst, Brad wrote:
Hi Sajoscha:
I have exactly the same problem… it started about a month ago.
Also with external ldap auth.
I have not yet investigated in detail, since it's not crippling - just annoying.
Brad
On Jan 28, 2013, at 6:38 AM, Sajoscha Sauer <sauer@embl.de> wrote:
Hi list,
I have a weird problem after updating to the latest version.
After doing the update as usual, the history panel is not updating automatically anymore. And when I press refresh, I get an javascript popup saying:
Error getting history updates from the server. Forbidden
Also, in the log I see the following:
galaxy.web.framework WARNING 2013-01-28 12:30:01,673 User logged in as '(null)' externally, but has a cookie as 'sauer@embl.de' invalidating session
We are using LDAP to connect to Galaxy, but I don't know if this has something to do with the problem. As I said, it was working perfectly fine before the update.
Does someone know the problem or has any ideas?
Thanks for your help,
Sajoscha
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at:
-- Brad Langhorst langhorst@neb.com
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: