On Tue, Oct 30, 2012 at 4:03 PM, Ross <ross.lazarus(a)gmail.com> wrote:
Doesn't make sense that you can wget directly from the paste
if you have security properly configured!
That's what you can do with the main Galaxy site. Not sure if that's
intentional though. You can try
See if you can download my own dataset without providing any credential.
Do you have Apache authenticating and passing headers through to the
paste process - this section in universe_wsgi.ini
# User authentication can be delegated to an upstream proxy server (usually
# Apache). The upstream proxy should set a REMOTE_USER header in the
# Enabling remote user disables regular logins. For more information, see:
use_remote_user = True
If so, you should not be able to access anything via the paste process
directly without adding authentication headers. Once that's fixed (you
do NOT want anyone to be able to do what you can do - it bypasses all
security!) the apache configuration will probably need tweaking. It's
hard to advise - it's mostly voodoo IMHO - do you have an apache
We don't use Apache for authentication. Thus use_remote_user = False. Will
read more about this remote user thing.