Greetings,
I am an IT systems administrator at our lab. We maintain some control over our servers but the bulk of the control resides with our university's research computing group.
A while ago the admins at research computing created some LDAP-based user accounts for a project that we have, and I had read (
https://wiki.galaxyproject.org/Admin/Config/ExternalUserAuth) that Galaxy has ability to interface with the directory service, although there wasn't much details in the link here.
So we have a few questions:
1) Assuming Galaxy can read LDAP directory service information, to what extent is access control enforced? Is it on a file system level?
2) If a researcher logs into Galaxy with his LDAP credentials, runs some analyses and obtains the results, how exactly are these results protected from other researchers who may be prohibited from accessing these results due to institutional policies? Accordingly, if a researcher wants to share the data product with another LDAP user, how is that done exactly apart from simply downloading and emailing it?
Depending on the responses I receive from these questions I may have more follow-up questions. Thank you in advance for your consideration.