Galaxy and HTTPS User-authentification
Hi, I have a question regarding the user authentication of Galaxy. As to my knowledge galaxy uses http, also for the authentication, so the User Email and the password are send in clear text. As I like to use Galaxy for user-authentication and due several disadvantages not an external authentification like described here (https://wiki.galaxyproject.org/Admin/Config/ExternalUserDatbases): Is there any way of using https or an encryption-method for sending user email and password. With kind regards, Matthias Enders
On Aug 20, 2014, at 3:53 AM, Matthias Enders <m.enders@german-seed-alliance.de> wrote:
Hi,
I have a question regarding the user authentication of Galaxy.
As to my knowledge galaxy uses http, also for the authentication, so the User Email and the password are send in clear text.
As I like to use Galaxy for user-authentication and due several disadvantages not an external authentification like described here (https://wiki.galaxyproject.org/Admin/Config/ExternalUserDatbases): Is there any way of using https or an encryption-method for sending user email and password.
Hi Matthias, You can still serve Galaxy over HTTPS by placing it behind a proxy, even if you do not intend to perform authentication in the proxy. You'll just need to set X-URL-SCHEME in the proxy, as documented: For nginx: https://wiki.galaxyproject.org/Admin/Config/nginxProxy For Apache: https://wiki.galaxyproject.org/Admin/Config/ApacheProxy --nate
With kind regards, Matthias Enders
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: http://lists.bx.psu.edu/
To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/mailinglists/
participants (2)
-
Matthias Enders -
Nate Coraor