Hi Lance just double checking: Have you implemented this fix: https://github.com/galaxyproject/galaxy/pull/1003 (https://gist.github.com/8d0412367371127e90ad) This solved our problem with the 'View all histories' nicely - though we still have problems with 'Impersonate a user' Regards, Hans-Rudolf On 03/01/2016 11:06 PM, Lance Parsons wrote:

I am currently using Apache and CAS (https://en.wikipedia.org/wiki/Central_Authentication_Service) to provide external authentication to Galaxy. I'd like to start using the API, however, I've not been able to find a way to get that to work.

A while back, someone suggested using the following:

<Location "/api"> Satisfy Any Allow from all </Location>

However, this breaks the history view at least, since the ajax call is an /api call and no HTTP_REMOTE_USER gets set. Does anyone have any suggestions? I'd love to get this going with some simple configuration...

I know I could move over to LDAP, but that is not desirable since it's less secure than CAS.

Another option would be to implement CAS within Galaxy, but that does seem like a good bit of work, but perhaps someone is already working on it or at least interested?