Re: [galaxy-dev] User creation with upstream authentication
Steve Thorn wrote:
Hi Nate
Thanks for the reply. Do you have any pointers to how we can achieve authorization in Apache (not my area of experience)? Perhaps you know of other Galaxy groups who do this sort of thing?
Hi Steve, Instead of 'Require valid-user' in your Apache config, you can use either of: Require user [userid...] or Require group [group-name...] Anyone not listed in the Require directive would be shown a 403 error by Apache, which you can customize to contain any information necessary to direct users how to get access (contacting you). --nate
Many thanks Steve
On 28 Jun 2011, at 19:31, Nate Coraor wrote:
Steve Thorn wrote:
Hello
We would like to force users to register even when they successfully pass through our University's single sign-on service (Apache + cosign).
We have:
use_remote_user = True allow_user_creation = False
in the universe_wsgi.ini, but it appears that use_remote_user takes precedence over allow_user_creation.
Ideally, we'd like users who get through the single sign-on to be presented with a message like "to use galaxy please register by emailing someone@ed.ac.uk". Is this possible?
Hi Steve,
This is not really possible in Galaxy without some hacking since as you have discovered, remote_user takes precedence over all of the built-in user controls. You can implement authorization in Apache, though, as a workaround.
--nate
Many thanks, Steve -- Steve Thorn Research Systems Consultant - ECDF Middleware Team +44 (0)131 650 4941 University of Edinburgh, JCMB, King's Buildings Edinburgh EH9 3JZ, UK
The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336.
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at:
-- The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336.
participants (1)
-
Nate Coraor