I’m the administrator for a local Galaxy instance for a few users on a dedicated server in my lab [v19.05, Apache proxy, Linux Debian 10]
For some time now, we’ve run into an annoying and mystifying issue :
when anyone (myself included) tries to login, the site cycles back to the welcome page, without taking authentication into account
However, it remains possible to:
have a wrong user/password combination rejected
reset a user’s password
register a new user
Besides, AFAIK, nothing has changed on the server ! (Issue started before recent Debian upgrade from 10.2 to 10.4)
And I cannot find any relevant error in the logs (Galaxy, Apache or PostgreSQL)
Any suggestion/possible test would be appreciated…
Thanks in advance
PS : Of course, no amount of service restart(s), or even server reboot, helped
After somme digging using Firefox developer tools, I noticed that, when redirected to the home page from the login form, there was an additional warning at the head of the web console, about the « galaxysession » cookie… (pointing to https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite)
From there, view-source:https://(…)/galaxy/user/login yields {"err_msg": "No session token set, denying request."}
Since the issue was present on all the recent browser I tried (Firefox, Safari and Edge), on a hunch, I tried with an older one, namely Firefox ESR
And this time I was able to log to Galaxy at last!
So there might be something wrong with session cookie handling in Galaxy…
The issue was eventually resolved when I was able to use “proper” SSL certificates for Apache (i.e. instead of self-signed ones), that were supplied by my University’s IT department.
No more login issues, including with the latest browser versions