Hi,
we are running a local galaxy installation with ldap authentification for user login. Since the OU of the users was changed we are no longer able to login to or start up the galaxy installation. When starting galaxy we receive this error in the log:
galaxy.web.stack DEBUG 2022-03-01 16:42:11,442 PasteApplicationStack initialized
galaxy.web.stack DEBUG 2022-03-01 16:42:11,465 server_name set to: main
galaxy.queue_worker INFO 2022-03-01 16:42:11,478 Initializing main Galaxy Queue Worker on sqlalchemy+postgresql://galaxy:********@htseqpg.inet.dkfz-heidelberg.de/galaxy
galaxy.app DEBUG 2022-03-01 16:42:14,967 Using "galaxy.ini" config file: /opt/galaxy/galaxy/config/galaxy.ini
Traceback (most recent call last):
File "/opt/galaxy/galaxy/lib/galaxy/webapps/galaxy/buildapp.py", line 49, in app_factory
app = galaxy.app.UniverseApplication(global_conf=global_conf, **kwargs)
File "/opt/galaxy/galaxy/lib/galaxy/app.py", line 86, in __init__
self._configure_models(check_migrate_databases=True, check_migrate_tools=check_migrate_tools, config_file=config_file)
File "/opt/galaxy/galaxy/lib/galaxy/config.py", line 1156, in _configure_models
create_or_verify_database(db_url, config_file, self.config.database_engine_options, app=self)
File "/opt/galaxy/galaxy/lib/galaxy/model/migrate/check.py", line 33, in create_or_verify_database
new_database = not database_exists(url)
File "/opt/galaxy/galaxy/.venv/lib/python2.7/site-packages/sqlalchemy_utils/functions/database.py", line 481, in database_exists
return bool(get_scalar_result(engine, text))
File "/opt/galaxy/galaxy/.venv/lib/python2.7/site-packages/sqlalchemy_utils/functions/database.py", line 455, in get_scalar_result
result_proxy = engine.execute(sql)
File "/opt/galaxy/galaxy/.venv/lib/python2.7/site-packages/sqlalchemy/engine/base.py", line 2074, in execute
connection = self.contextual_connect(close_with_result=True)
File "/opt/galaxy/galaxy/.venv/lib/python2.7/site-packages/sqlalchemy/engine/base.py", line 2123, in contextual_connect
self._wrap_pool_connect(self.pool.connect, None),
File "/opt/galaxy/galaxy/.venv/lib/python2.7/site-packages/sqlalchemy/engine/base.py", line 2162, in _wrap_pool_connect
e, dialect, self)
File "/opt/galaxy/galaxy/.venv/lib/python2.7/site-packages/sqlalchemy/engine/base.py", line 1476, in _handle_dbapi_exception_noconnection
exc_info
File "/opt/galaxy/galaxy/.venv/lib/python2.7/site-packages/sqlalchemy/util/compat.py", line 265, in raise_from_cause
reraise(type(exception), exception, tb=exc_tb, cause=cause)
File "/opt/galaxy/galaxy/.venv/lib/python2.7/site-packages/sqlalchemy/engine/base.py", line 2158, in _wrap_pool_connect
return fn()
File "/opt/galaxy/galaxy/.venv/lib/python2.7/site-packages/sqlalchemy/pool.py", line 400, in connect
return _ConnectionFairy._checkout(self)
File "/opt/galaxy/galaxy/.venv/lib/python2.7/site-packages/sqlalchemy/pool.py", line 788, in _checkout
fairy = _ConnectionRecord.checkout(pool)
File "/opt/galaxy/galaxy/.venv/lib/python2.7/site-packages/sqlalchemy/pool.py", line 529, in checkout
rec = pool._do_get()
File "/opt/galaxy/galaxy/.venv/lib/python2.7/site-packages/sqlalchemy/pool.py", line 1193, in _do_get
self._dec_overflow()
File "/opt/galaxy/galaxy/.venv/lib/python2.7/site-packages/sqlalchemy/util/langhelpers.py", line 66, in __exit__
compat.reraise(exc_type, exc_value, exc_tb)
File "/opt/galaxy/galaxy/.venv/lib/python2.7/site-packages/sqlalchemy/pool.py", line 1190, in _do_get
return self._create_connection()
File "/opt/galaxy/galaxy/.venv/lib/python2.7/site-packages/sqlalchemy/pool.py", line 347, in _create_connection
return _ConnectionRecord(self)
File "/opt/galaxy/galaxy/.venv/lib/python2.7/site-packages/sqlalchemy/pool.py", line 474, in __init__
self.__connect(first_connect_check=True)
File "/opt/galaxy/galaxy/.venv/lib/python2.7/site-packages/sqlalchemy/pool.py", line 671, in __connect
connection = pool._invoke_creator(self)
File "/opt/galaxy/galaxy/.venv/lib/python2.7/site-packages/sqlalchemy/engine/strategies.py", line 106, in connect
return dialect.connect(*cargs, **cparams)
File "/opt/galaxy/galaxy/.venv/lib/python2.7/site-packages/sqlalchemy/engine/default.py", line 412, in connect
return self.dbapi.connect(*cargs, **cparams)
File "/opt/galaxy/galaxy/.venv/lib/python2.7/site-packages/psycopg2/__init__.py", line 130, in connect
conn = _connect(dsn, connection_factory=connection_factory, **kwasync)
OperationalError: (psycopg2.OperationalError) FATAL: LDAP authentication failed for user "galaxy"
(Background on this error at: http://sqlalche.me/e/e3q8)
and this is how our auth_conf.xml looks like:
<?xml version="1.0"?>
<auth>
<authenticator>
<type>ldap</type>
<!--<filter>'{email}'.endswith('@dkfz-heidelberg.de')</filter>-->
<options>
<allow-register>False</allow-register>
<auto-register>True</auto-register>
<allow-password-change>False</allow-password-change>
<server>ldap://dkfzad6.ad.dkfz-heidelberg.de</server>
<login-use-username>True</login-use-username>
<continue-on-failure>False</continue-on-failure>
<search-fields>sAMAccountName,mail</search-fields>
<search-base>DC=ad,DC=dkfz-heidelberg,DC=de</search-base>
<search-filter>(&(objectClass=user)(sAMAccountName={username})(memberOf=CN=W190-galaxy-users,OU=OE0318,OU=Fsp-W,OU=DKFZ,DC=ad,DC=dkfz-heidelberg,DC=de))</search-filter>
<search-user>ldap</search-user>
<search-password>logalvsa</search-password>
<bind-user>{sAMAccountName}@ad.dkfz-heidelberg.de</bind-user>
<bind-password>{password}</bind-password>
<auto-register-username>{sAMAccountName}</auto-register-username>
<auto-register-email>{mail}</auto-register-email>
</options>
</authenticator>
</auth>
I am pretty lost as to where the error may be, so any ideas are welcome. My (pure guessing) is that maybe the user database is not updated with the new OU correctly and authentication fails because of the old user data? Could this be the case?