Peter, I have been using the default http protocol for the Galaxy server which is not preferred. I am now testing uwsgi TCP sockets. I start the server on server root without sub-uri to see how it works.
Here is my Apache configuration: <VirtualHost *:8443> ServerName xxx.xxx.xxx.xxx ServerAdmin ad...@xxx.xxx DocumentRoot "/opt/rh/httpd24/root/var/www/html" TransferLog "logs/scgalaxy_access.log" ErrorLog "logs/scgalaxy_error.log" SSLEngine On SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 SSLCertificateFile "/etc/pki/tls/certs/galaxy.cer" SSLCertificateKeyFile "/etc/pki/tls/private/galaxy.key" SSLCertificateChainFile "/etc/pki/tls/certs/galaxy.cer" RewriteEngine on ProxyPass / uwsgi://127.0.0.1:4001/ # access is denied due to username not provided with external authentication method # ProxyPass / http://127.0.0.1:8080/ # same configuration works fine with http <Location "/"> SSLRequireSSL AuthType CAS Require valid-user RewriteCond %{IS_SUBREQ} ^false$ RewriteCond %{LA-U:REMOTE_USER} (.+) RewriteRule . - [E=RU:%1] RequestHeader set X-URL-SCHEME https RequestHeader set REMOTE_USER %{REMOTE_USER}s </Location> </VirtualHost> However, when accessing the galaxy server, I got the following error. The same setting works fine when galaxy is served with http. What need be changed in Apache for serving galaxy with uwsgi socket? Access to Galaxy is denied Galaxy is configured to authenticate users via an external method (such as HTTP authentication in Apache), but a username was not provided by the upstream (proxy) server. This is generally due to a misconfiguration in the upstream server. The log file dumps the following output: galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,724 [p:19333,w:1,m:0] [uWSGIWorker1Core0] Unable to identify user. HTTP_REMOTE_USER not found galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,725 [p:19333,w:1,m:0] [uWSGIWorker1Core0] wsgi.multiprocess = False galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,725 [p:19333,w:1,m:0] [uWSGIWorker1Core0] paste.recursive.include_app_iter = <paste.recursive.IncluderAppIter from /> galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,725 [p:19333,w:1,m:0] [uWSGIWorker1Core0] HTTP_COOKIE = _ga=GA1.2.525722961.1528376483; __utma=194481448.525722961.1528376483.1528377532.1528377532.1; _vwo_uuid_v2=DF9EBC570796316331B3F82AE49BE8DE8|18923f6303554ba0ab6938b046ebc11c; _vwo_uuid=DF9EBC570796316331B3F82AE49BE8DE8; MOD_AUTH_CAS_S=4865a71d55619aa6196d7b753d27356e; galaxysession=4a833ad4d9934a58ce0b64778f963b982b8f5e10ca4a7b26ac9eeb1368c1462fdcb2aa7c9f32ba00 galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,726 [p:19333,w:1,m:0] [uWSGIWorker1Core0] paste.recursive.forward = <paste.recursive.Forwarder from /> galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,726 [p:19333,w:1,m:0] [uWSGIWorker1Core0] CONTEXT_DOCUMENT_ROOT = /opt/rh/httpd24/root/var/www/html galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,726 [p:19333,w:1,m:0] [uWSGIWorker1Core0] SERVER_SOFTWARE = Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips Phusion_Passenger/4.0.50 galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,726 [p:19333,w:1,m:0] [uWSGIWorker1Core0] paste.recursive.include = <paste.recursive.Includer from /> galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,726 [p:19333,w:1,m:0] [uWSGIWorker1Core0] CONTEXT_PREFIX = galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,726 [p:19333,w:1,m:0] [uWSGIWorker1Core0] SERVER_SIGNATURE = galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,726 [p:19333,w:1,m:0] [uWSGIWorker1Core0] REQUEST_METHOD = GET galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,726 [p:19333,w:1,m:0] [uWSGIWorker1Core0] PATH_INFO = / galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,726 [p:19333,w:1,m:0] [uWSGIWorker1Core0] SERVER_PROTOCOL = HTTP/1.1 galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,726 [p:19333,w:1,m:0] [uWSGIWorker1Core0] QUERY_STRING = galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,727 [p:19333,w:1,m:0] [uWSGIWorker1Core0] PATH = /opt/rh/rh-ruby22/root/usr/bin:/opt/rh/httpd24/root/usr/bin:/opt/rh/httpd24/root/usr/sbin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,727 [p:19333,w:1,m:0] [uWSGIWorker1Core0] LD_LIBRARY_PATH = /opt/rh/rh-ruby22/root/usr/lib64:/opt/rh/httpd24/root/usr/lib64 galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,727 [p:19333,w:1,m:0] [uWSGIWorker1Core0] SSL_TLS_SNI = portal-terra.hprc.tamu.edu galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,727 [p:19333,w:1,m:0] [uWSGIWorker1Core0] RU = pingluo galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,727 [p:19333,w:1,m:0] [uWSGIWorker1Core0] HTTP_USER_AGENT = Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0 galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,727 [p:19333,w:1,m:0] [uWSGIWorker1Core0] HTTP_CONNECTION = keep-alive galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,727 [p:19333,w:1,m:0] [uWSGIWorker1Core0] SERVER_NAME = portal-terra.hprc.tamu.edu galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,727 [p:19333,w:1,m:0] [uWSGIWorker1Core0] REMOTE_ADDR = 165.91.254.86 galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,727 [p:19333,w:1,m:0] [uWSGIWorker1Core0] paste.throw_errors = True galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,727 [p:19333,w:1,m:0] [uWSGIWorker1Core0] wsgi.url_scheme = https galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,728 [p:19333,w:1,m:0] [uWSGIWorker1Core0] SERVER_PORT = 8443 galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,728 [p:19333,w:1,m:0] [uWSGIWorker1Core0] uwsgi.node = portal galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,728 [p:19333,w:1,m:0] [uWSGIWorker1Core0] SERVER_ADDR = 165.91.16.42 galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,728 [p:19333,w:1,m:0] [uWSGIWorker1Core0] DOCUMENT_ROOT = /opt/rh/httpd24/root/var/www/html galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,728 [p:19333,w:1,m:0] [uWSGIWorker1Core0] original_wsgi.url_scheme = https galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,728 [p:19333,w:1,m:0] [uWSGIWorker1Core0] uwsgi.core = 0 galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,728 [p:19333,w:1,m:0] [uWSGIWorker1Core0] SCRIPT_FILENAME = proxy:uwsgi:// 127.0.0.1:4001/ galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,728 [p:19333,w:1,m:0] [uWSGIWorker1Core0] SERVER_ADMIN = ad...@hprc.tamu.edu galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,728 [p:19333,w:1,m:0] [uWSGIWorker1Core0] paste.recursive.script_name = galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,729 [p:19333,w:1,m:0] [uWSGIWorker1Core0] SCRIPT_URI = https://portal-terra.hprc.tamu.edu:8443/ galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,729 [p:19333,w:1,m:0] [uWSGIWorker1Core0] wsgi.input = <uwsgi._Input object at 0x2ad4f36e81e0> galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,729 [p:19333,w:1,m:0] [uWSGIWorker1Core0] REMOTE_USER = pingluo galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,729 [p:19333,w:1,m:0] [uWSGIWorker1Core0] HTTP_HOST = portal-terra.hprc.tamu.edu:8443 galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,729 [p:19333,w:1,m:0] [uWSGIWorker1Core0] SCRIPT_URL = / galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,729 [p:19333,w:1,m:0] [uWSGIWorker1Core0] HTTPS = on galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,729 [p:19333,w:1,m:0] [uWSGIWorker1Core0] wsgi.multithread = True galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,729 [p:19333,w:1,m:0] [uWSGIWorker1Core0] HTTP_UPGRADE_INSECURE_REQUESTS = 1 galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,730 [p:19333,w:1,m:0] [uWSGIWorker1Core0] HTTP_CACHE_CONTROL = max-age=0 galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,730 [p:19333,w:1,m:0] [uWSGIWorker1Core0] REQUEST_URI = / galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,730 [p:19333,w:1,m:0] [uWSGIWorker1Core0] HTTP_ACCEPT = text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,730 [p:19333,w:1,m:0] [uWSGIWorker1Core0] HTTP_X_URL_SCHEME = https galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,730 [p:19333,w:1,m:0] [uWSGIWorker1Core0] wsgi.version = (1, 0) galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,730 [p:19333,w:1,m:0] [uWSGIWorker1Core0] GATEWAY_INTERFACE = CGI/1.1 galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,730 [p:19333,w:1,m:0] [uWSGIWorker1Core0] wsgi.run_once = False galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,731 [p:19333,w:1,m:0] [uWSGIWorker1Core0] SCRIPT_NAME = galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,731 [p:19333,w:1,m:0] [uWSGIWorker1Core0] REMOTE_PORT = 56284 galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,731 [p:19333,w:1,m:0] [uWSGIWorker1Core0] HTTP_ACCEPT_LANGUAGE = en-US,en;q=0.5 galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,731 [p:19333,w:1,m:0] [uWSGIWorker1Core0] REQUEST_SCHEME = https galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,731 [p:19333,w:1,m:0] [uWSGIWorker1Core0] wsgi.errors = <open file 'wsgi_errors', mode 'w' at 0x2ad4f3b350c0> galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,731 [p:19333,w:1,m:0] [uWSGIWorker1Core0] uwsgi.version = 2.0.17.1 galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,731 [p:19333,w:1,m:0] [uWSGIWorker1Core0] request_id = d8e1b156ffc111e8bbbc0894ef20d911 galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,731 [p:19333,w:1,m:0] [uWSGIWorker1Core0] wsgi.file_wrapper = <built-in function uwsgi_sendfile> galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,732 [p:19333,w:1,m:0] [uWSGIWorker1Core0] HTTP_ACCEPT_ENCODING = gzip, deflate, br galaxy.web.framework.middleware.remoteuser DEBUG 2018-12-14 11:01:06,732 [p:19333,w:1,m:0] [uWSGIWorker1Core0] UNIQUE_ID = XBPh0ilC82mF4py6Qa6eRwAAAAI Thanks, Ping On Wed, Dec 12, 2018 at 5:07 AM Peter Briggs <peter.bri...@manchester.ac.uk> wrote: > Hello Ping > > If you're using the YAML config then there isn't an equivalent of the > "[filter:proxy-prefix]" section from the INI version of the config - this > section doesn't seem to be required any more. So the two lines you already > have in the 'galaxy' section of the YAML file should be sufficient i.e. > > galaxy: > #... > filter-with: proxy-prefix > cookie_path: '/galaxy' > > However you also need to make sure that you have the correct options in > the 'uwsgi' section of the YAML config file, and that your Apache > configuration is set correctly to handle the proxy prefix. The relevant > documentation for these is here (for 18.09): > > > https://docs.galaxyproject.org/en/release_18.09/admin/apache.html#serving-galaxy-at-a-url-prefix > > HTH > > Best wishes > > Peter > > -- > Peter Briggs peter.bri...@manchester.ac.uk > Bioinformatics Core Facility University of Manchester > B.1083 Michael Smith Bldg Tel: (0161) 2751482 > > ------------------------------ > *From:* galaxy-dev [galaxy-dev-boun...@lists.galaxyproject.org] on behalf > of Ping Luo [luop0...@gmail.com] > *Sent:* Wednesday, December 12, 2018 6:35 AM > *To:* galaxy-dev > *Subject:* [galaxy-dev] how to configure sub-uri in galaxy.yml > > I am trying to configure Galaxy v18.09 wtih sub-uri. In prior 18.01, I use > this configuration in conjunction with Apache rewrite rules and it works > well: > > [filter:proxy-prefix] > use = egg:PasteDeploy#prefix > prefix = /msgalaxy > [app:main] > filter-with = proxy-prefix > cookie_path = '/galaxy' > > > In galaxy.yml, I know I need to uncomment and add the following > > filter-with: proxy-prefix > cookie_path: '/galaxy' > > However, I don't know where and how to add filter:proxy-prefix. The > comment in config.yml says: > > # If running behind a proxy server and Galaxy is served from a > # subdirectory, enable the proxy-prefix filter and set the prefix in > # the [filter:proxy-prefix] section above. > > which is for galaxy.ini file. An example on how to do it would be much > appreciated. > > Ping >
___________________________________________________________ Please keep all replies on the list by using "reply all" in your mail client. To manage your subscriptions to this and other Galaxy lists, please use the interface at: https://lists.galaxyproject.org/ To search Galaxy mailing lists use the unified search at: http://galaxyproject.org/search/