Hi all, After setting up AD/LDAP in Galaxy, we noticed that for some reason, some users are able to log in but others were not. We don’t think that it has anything to do with the set up of LDAP or AD at our institute and we’ve tried to find common threads between the users who can log in but we have not found anything interesting. Could someone explain what exactly Galaxy looks for when signing users in with AD/LDAP? We found the source code here: ./lib/galaxy/auth/providers/ldap_ad.py but all the code seems to be functioning properly. Here is one of the error outputs in the log when somebody tries to log in for the first time, but cannot: galaxy.auth.providers.ldap_ad DEBUG 2017-02-01 17:16:17,954 LDAP authenticate: whoami is u:SCIEDU\chess galaxy.auth.providers.ldap_ad DEBUG 2017-02-01 17:16:17,954 LDAP authentication successful server ip - - [01/Feb/2017:17:16:12 -0400] "POST /galaxy/user/login?use_panels=False HTTP/1.0" 200 - “http:/galaxyurl.edu/galaxy/user/login?use_panels=False<http://galaxy/user/login?use_panels=False>" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36" ---------------------------------------- Exception happened during processing of request from ('127.0.0.1', 55724) Traceback (most recent call last): File "/localdata1/galaxy/.venv/lib/python2.7/site-packages/paste/httpserver.py", line 1085, in process_request_in_thread self.finish_request(request, client_address) File "/usr/lib64/python2.7/SocketServer.py", line 334, in finish_request self.RequestHandlerClass(request, client_address, self) File "/usr/lib64/python2.7/SocketServer.py", line 651, in __init__ self.finish() File "/usr/lib64/python2.7/SocketServer.py", line 710, in finish self.wfile.close() File "/usr/lib64/python2.7/socket.py", line 279, in close self.flush() File "/usr/lib64/python2.7/socket.py", line 303, in flush self._sock.sendall(view[write_offset:write_offset+buffer_size]) error: [Errno 32] Broken pipe Any insight would be appreciated. Thanks!
Hi I have no solution for you so far. However, I recommend to have a closer look at the entries in the 'galaxy_user' table for the users which work, and the users which don't work. In particular, check for 'email' and 'username' whether they are exactly the same as in your accounts provider. I assume, you have galaxy users, which have been using galaxy before you switched to external authentication? Or have you used authentication through apache before? Regards, Hans-Rudolf On 02/02/2017 04:12 PM, Yip, Miu ki wrote:
Hi all,
After setting up AD/LDAP in Galaxy, we noticed that for some reason, some users are able to log in but others were not. We don’t think that it has anything to do with the set up of LDAP or AD at our institute and we’ve tried to find common threads between the users who can log in but we have not found anything interesting.
Could someone explain what exactly Galaxy looks for when signing users in with AD/LDAP? We found the source code here: ./lib/galaxy/auth/providers/ldap_ad.py but all the code seems to be functioning properly.
Here is one of the error outputs in the log when somebody tries to log in for the first time, but cannot:
galaxy.auth.providers.ldap_ad DEBUG 2017-02-01 17:16:17,954 LDAP authenticate: whoami is u:SCIEDU\chess galaxy.auth.providers.ldap_ad DEBUG 2017-02-01 17:16:17,954 LDAP authentication successful server ip - - [01/Feb/2017:17:16:12 -0400] "POST /galaxy/user/login?use_panels=False HTTP/1.0" 200 - “http:/galaxyurl.edu/galaxy/user/login?use_panels=False<http://galaxy/user/login?use_panels=False>" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36" ---------------------------------------- Exception happened during processing of request from ('127.0.0.1', 55724) Traceback (most recent call last): File "/localdata1/galaxy/.venv/lib/python2.7/site-packages/paste/httpserver.py", line 1085, in process_request_in_thread self.finish_request(request, client_address) File "/usr/lib64/python2.7/SocketServer.py", line 334, in finish_request self.RequestHandlerClass(request, client_address, self) File "/usr/lib64/python2.7/SocketServer.py", line 651, in __init__ self.finish() File "/usr/lib64/python2.7/SocketServer.py", line 710, in finish self.wfile.close() File "/usr/lib64/python2.7/socket.py", line 279, in close self.flush() File "/usr/lib64/python2.7/socket.py", line 303, in flush self._sock.sendall(view[write_offset:write_offset+buffer_size]) error: [Errno 32] Broken pipe
Any insight would be appreciated. Thanks! ___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: https://lists.galaxyproject.org/
To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/
participants (2)
-
Hans-Rudolf Hotz
-
Yip, Miu ki