remote user CAS invalide session

classic Classic list List threaded Threaded
4 messages Options
| Threaded
Open this post in threaded view
|

remote user CAS invalide session

Laure QUINTRIC
Hi galaxy users,

I just installed version 16.04 of galaxy. I can connect to galaxy with remote user through CAS authentification but my session is invalidated, I get this message in the history :
An error occurred while getting updates from the server. Please contact a Galaxy administrator if the problem persists. <a href="javascript:void(0)">Details

In paster.log, I can see this :

galaxy.web.framework.webapp WARNING 2016-04-18 17:37:47,308 User logged in as '[hidden email]' externally, but has a cookie as 'toto' invalidating session

and just after I can see :

galaxy.web.framework.webapp WARNING 2016-04-18 17:37:48,018 User logged in as 'toto' externally, but has a cookie as '[hidden email]' invalidating session

It seems that variables remote_user_email and galaxy_session.user.email ( in galaxy/lib/web/framework/webapp.py) are set to login@maildomain and then set to login only... so the user login is not always the user email address.

In the config/galaxy.ini I set
remote_user_maildomain = company.fr
remote_user_header = HTTP_CAS_UID

Can you tell me how to go through this ? I did not have this problem in v16.01.

Best regards




___________________________________________________________
Please keep all replies on the list by using "reply all"
in your mail client.  To manage your subscriptions to this
and other Galaxy lists, please use the interface at:
  https://lists.galaxyproject.org/

To search Galaxy mailing lists use the unified search at:
  http://galaxyproject.org/search/mailinglists/
| Threaded
Open this post in threaded view
|

Re: remote user CAS invalide session

Dannon Baker-2
Thank you for the report!  I'm able to reproduce this here on my local test install and will try to figure out what's going on and let you know when I have a fix.

-Dannon

On Tue, Apr 19, 2016 at 3:07 AM, Laure QUINTRIC <[hidden email]> wrote:
Hi galaxy users,

I just installed version 16.04 of galaxy. I can connect to galaxy with remote user through CAS authentification but my session is invalidated, I get this message in the history :
An error occurred while getting updates from the server. Please contact a Galaxy administrator if the problem persists. Details

In paster.log, I can see this :

galaxy.web.framework.webapp WARNING 2016-04-18 17:37:47,308 User logged in as '[hidden email]' externally, but has a cookie as 'toto' invalidating session

and just after I can see :

galaxy.web.framework.webapp WARNING 2016-04-18 17:37:48,018 User logged in as 'toto' externally, but has a cookie as '[hidden email]' invalidating session

It seems that variables remote_user_email and galaxy_session.user.email ( in galaxy/lib/web/framework/webapp.py) are set to login@maildomain and then set to login only... so the user login is not always the user email address.

In the config/galaxy.ini I set
remote_user_maildomain = company.fr
remote_user_header = HTTP_CAS_UID

Can you tell me how to go through this ? I did not have this problem in v16.01.

Best regards




___________________________________________________________
Please keep all replies on the list by using "reply all"
in your mail client.  To manage your subscriptions to this
and other Galaxy lists, please use the interface at:
  https://lists.galaxyproject.org/

To search Galaxy mailing lists use the unified search at:
  http://galaxyproject.org/search/mailinglists/


___________________________________________________________
Please keep all replies on the list by using "reply all"
in your mail client.  To manage your subscriptions to this
and other Galaxy lists, please use the interface at:
  https://lists.galaxyproject.org/

To search Galaxy mailing lists use the unified search at:
  http://galaxyproject.org/search/mailinglists/
| Threaded
Open this post in threaded view
|

Re: remote user CAS invalide session

Dannon Baker-2
This turned out to be a problem with how the maildomain was handled after a recent fix to support API interactions bypassing remote user auth.

I'm working on a fix which you can follow and test here:  https://github.com/galaxyproject/galaxy/pull/2195

Thanks again for the report!

On Tue, Apr 19, 2016 at 8:25 AM, Dannon Baker <[hidden email]> wrote:
Thank you for the report!  I'm able to reproduce this here on my local test install and will try to figure out what's going on and let you know when I have a fix.

-Dannon

On Tue, Apr 19, 2016 at 3:07 AM, Laure QUINTRIC <[hidden email]> wrote:
Hi galaxy users,

I just installed version 16.04 of galaxy. I can connect to galaxy with remote user through CAS authentification but my session is invalidated, I get this message in the history :
An error occurred while getting updates from the server. Please contact a Galaxy administrator if the problem persists. Details

In paster.log, I can see this :

galaxy.web.framework.webapp WARNING 2016-04-18 17:37:47,308 User logged in as '[hidden email]' externally, but has a cookie as 'toto' invalidating session

and just after I can see :

galaxy.web.framework.webapp WARNING 2016-04-18 17:37:48,018 User logged in as 'toto' externally, but has a cookie as '[hidden email]' invalidating session

It seems that variables remote_user_email and galaxy_session.user.email ( in galaxy/lib/web/framework/webapp.py) are set to login@maildomain and then set to login only... so the user login is not always the user email address.

In the config/galaxy.ini I set
remote_user_maildomain = company.fr
remote_user_header = HTTP_CAS_UID

Can you tell me how to go through this ? I did not have this problem in v16.01.

Best regards




___________________________________________________________
Please keep all replies on the list by using "reply all"
in your mail client.  To manage your subscriptions to this
and other Galaxy lists, please use the interface at:
  https://lists.galaxyproject.org/

To search Galaxy mailing lists use the unified search at:
  http://galaxyproject.org/search/mailinglists/



___________________________________________________________
Please keep all replies on the list by using "reply all"
in your mail client.  To manage your subscriptions to this
and other Galaxy lists, please use the interface at:
  https://lists.galaxyproject.org/

To search Galaxy mailing lists use the unified search at:
  http://galaxyproject.org/search/mailinglists/
| Threaded
Open this post in threaded view
|

Re: remote user CAS invalide session

Laure QUINTRIC
Thank you for your quick support.
Laure

Le 19/04/2016 19:05, Dannon Baker a écrit :
This turned out to be a problem with how the maildomain was handled after a recent fix to support API interactions bypassing remote user auth.

I'm working on a fix which you can follow and test here:  https://github.com/galaxyproject/galaxy/pull/2195

Thanks again for the report!

On Tue, Apr 19, 2016 at 8:25 AM, Dannon Baker <[hidden email]> wrote:
Thank you for the report!  I'm able to reproduce this here on my local test install and will try to figure out what's going on and let you know when I have a fix.

-Dannon

On Tue, Apr 19, 2016 at 3:07 AM, Laure QUINTRIC <[hidden email]> wrote:
Hi galaxy users,

I just installed version 16.04 of galaxy. I can connect to galaxy with remote user through CAS authentification but my session is invalidated, I get this message in the history :
An error occurred while getting updates from the server. Please contact a Galaxy administrator if the problem persists. Details

In paster.log, I can see this :

galaxy.web.framework.webapp WARNING 2016-04-18 17:37:47,308 User logged in as '[hidden email]' externally, but has a cookie as 'toto' invalidating session

and just after I can see :

galaxy.web.framework.webapp WARNING 2016-04-18 17:37:48,018 User logged in as 'toto' externally, but has a cookie as '[hidden email]' invalidating session

It seems that variables remote_user_email and galaxy_session.user.email ( in galaxy/lib/web/framework/webapp.py) are set to login@maildomain and then set to login only... so the user login is not always the user email address.

In the config/galaxy.ini I set
remote_user_maildomain = company.fr
remote_user_header = HTTP_CAS_UID

Can you tell me how to go through this ? I did not have this problem in v16.01.

Best regards




___________________________________________________________
Please keep all replies on the list by using "reply all"
in your mail client.  To manage your subscriptions to this
and other Galaxy lists, please use the interface at:
  https://lists.galaxyproject.org/

To search Galaxy mailing lists use the unified search at:
  http://galaxyproject.org/search/mailinglists/




___________________________________________________________
Please keep all replies on the list by using "reply all"
in your mail client.  To manage your subscriptions to this
and other Galaxy lists, please use the interface at:
  https://lists.galaxyproject.org/

To search Galaxy mailing lists use the unified search at:
  http://galaxyproject.org/search/mailinglists/