<html><head><style type='text/css'>p { margin: 0; }</style></head><body><div style='font-family: Times New Roman; font-size: 12pt; color: #000000'><br><br>----- Original Message -----<br>From: "Chris Allan" <callan@lifesci.dundee.ac.uk><br>To: "Kent Nasveschuk" <knasveschuk@mbl.edu><br>Cc: "Bernhard Holländer" <bernhard.voigt@gmail.com>, "Open Microscopy" <ome-users@lists.openmicroscopy.org.uk><br>Sent: Friday, November 6, 2009 10:39:51 AM GMT -05:00 US/Canada Eastern<br>Subject: Re: [ome-users] Migrating from 3.1.x to 4.1.0<br><br><br>On 6 Nov 2009, at 15:32, Kent Nasveschuk wrote:<br><br>> OK I was able to login as root via admin interface. I will leave all <br>> settings related to Django pointing to sqlite3.<br><br>*thumbs up*<br><br>><br>> Question, I noticed some stuff related to LDAP, does that mean I <br>> could tie user authentication to an OpenLDAP directory?<br><br>Absolutely.<br><br>> If so, can local authentication coexist with LDAP?<br><br>Sure can, yep.<br><br>> Also, I'm assuming I would have to create the user in Omero first, <br>> then some how point authentication to LDAP.<br><br>No. Once you set up LDAP authentication, when a user performs a <br>successful login that corresponds to an LDAP backed account user <br>accounts in OMERO are created automatically. From this point forward <br>passwords are the only thing that are looked up in the LDAP directory.<br><br>That's cool, autopopulate. I just added settings to connect to our directory server and it works as you said, grabbing my cn, sn, givenname and mail to populate postgres database. That is wonderful!<br><br>I will fiddle with the allow/deny LDAP settings based on group/attribute/value. I'm sure that this is something that will need to use to restrict access.<br><br>Thanks so much for your help. At the moment I'm out of questions to ask.<br><br>><br>> Thanks for your help.<br><br>No problem.<br><br>><br>> Kent<br><br>-Chris<br><br>><br>> ----- Original Message -----<br>> From: "Chris Allan" <callan@lifesci.dundee.ac.uk><br>> To: "Kent Nasveschuk" <knasveschuk@mbl.edu><br>> Cc: "Bernhard Holländer" <bernhard.voigt@gmail.com><br>> Sent: Friday, November 6, 2009 9:59:10 AM GMT -05:00 US/Canada Eastern<br>> Subject: Re: [ome-users] Migrating from 3.1.x to 4.1.0<br>><br>><br>> On 6 Nov 2009, at 14:45, Kent Nasveschuk wrote:<br>><br>> ><br>> ><br>> > Kent<br>> ><br>> > ----- Original Message -----<br>> > From: "Chris Allan" <callan@lifesci.dundee.ac.uk><br>> > To: "Kent Nasveschuk" <knasveschuk@mbl.edu><br>> > Cc: "Bernhard Holländer" <bernhard.voigt@gmail.com><br>> > Sent: Friday, November 6, 2009 7:52:15 AM GMT -05:00 US/Canada <br>> Eastern<br>> > Subject: Re: [ome-users] Migrating from 3.1.x to 4.1.0<br>> ><br>> ><br>> > On 5 Nov 2009, at 21:12, Kent Nasveschuk wrote:<br>> ><br>> > > OK, I'm a little farther but can't login to that admin <br>> interface. I<br>> > > set the web admin user using:<br>> > ><br>> > > bin/omero web superuser<br>> > > answering questions.<br>> > ><br>> > > Here is the output of bin/omero admin diagnostics<br>> > > bash-3.2$ bin/omero admin diagnostics<br>> > ><br>> > > =<br>> > > =<br>> > > =<br>> > > =<br>> > > =<br>> > > =<br>> > > =<br>> > > =<br>> > > =<br>> > > =<br>> > ><br>> > <br>> ======================================================================<br>> > > OMERO Diagnostics Beta-4.1.0-r5585-b12<br>> > > =<br>> > > =<br>> > > =<br>> > > =<br>> > > =<br>> > > =<br>> > > =<br>> > > =<br>> > > =<br>> > > =<br>> > ><br>> > <br>> ======================================================================<br>> > ><br>> > > Commands: java -version 1.6.0 (/opt/<br>> > > jdk1.6.0_07/bin/java -- 2 others)<br>> > > Commands: python -V 2.4 (/usr/bin/<br>> > python)<br>> > > Commands: icegridnode --version 3.3 (/usr/bin/<br>> > > icegridnode)<br>> > > Commands: icegridadmin --version 3.3 (/usr/bin/<br>> > > icegridadmin)<br>> > > Commands: psql --version 8.1.11 (/usr/bin/ <br>> psql)<br>> > ><br>> > > Server: icegridnode running<br>> > > Server: Blitz-0 active (pid = 31983,<br>> > > enabled)<br>> > > Server: DropBox inactive (disabled)<br>> > > Server: FSServer inactive (disabled)<br>> > > Server: Indexer-0 active (pid = 31994,<br>> > > enabled)<br>> > > Server: OMERO.Glacier2 active (pid = 31996,<br>> > > enabled)<br>> > > Server: OMERO.IceStorm active (pid = 31997,<br>> > > enabled)<br>> > > Server: Processor-0 active (pid = 32004,<br>> > > enabled)<br>> > > Server: Tables-0 inactive (disabled)<br>> > > Server: TestDropBox inactive (enabled)<br>> > > Server: Web inactive (enabled)<br>> > ><br>> > > Log dir: /data/omero-Beta4.1.0/var/log exists<br>> > ><br>> > > Log files: Blitz-0.log 73.0 KB errors=0<br>> > > warnings=4<br>> > > Log files: DropBox.log 3.0 KB errors=4<br>> > > warnings=0<br>> > > Log files: FSServer.log 1.0 KB errors=2<br>> > > warnings=0<br>> > > Log files: Indexer-0.log 3.0 KB errors=0<br>> > > warnings=2<br>> > > Log files: OMEROweb.log n/a<br>> > > Log files: Processor-0.log 2.0 KB errors=0<br>> > > warnings=1<br>> > > Log files: Tables-0.log n/a<br>> > > Log files: TestDropBox.log n/a<br>> > > Log files: master.err 1.0 KB errors=0<br>> > > warnings=4<br>> > > Log files: master.out 0.0 KB<br>> > > Log files: Total size 0.09 MB<br>> > ><br>> > > output of bin/omero config get<br>> > > -bash-3.2$ bin/omero config get<br>> > > omero.data.dir=/data/OMERO<br>> > > omero.db.name=omero3<br>> > > omero.db.pass=<secret><br>> > > omero.db.user=omero<br>> > ><br>> > > Tested my connection to postgres running on localhost with <br>> username<br>> > > and password. That works<br>> > ><br>> > > Using mod_python and virtualhost on apache2 which works fine. I <br>> can<br>> > > get to the webadmin and webadmin login.<br>> > ><br>> > > What's a little confusing is the omero.server an on demand <br>> daemon or<br>> > > does it need to be running when apache is running?<br>> ><br>> > It needs to be running when Apache is running.<br>> ><br>> > ><br>> > > I started with bin/omero admin start<br>> > ><br>> > > ps ax<br>> > > ...<br>> > > 31948 ? Sl 0:00 icegridnode --daemon --pidfile /data/<br>> > > omero-Beta4.1.0/var/master/master.pid --nochdir --Ice.Config=/ <br>> data/<br>> > > omero-Beta4.1.0/etc/internal.cfg,/data/omero-Beta4.1.0/etc/master.<br>> > > 31983 ? Sl 0:29 java -Xmx512M - <br>> Djava.awt.headless=true -<br>> > > Dlog4j.configuration=etc/log4j.xml -Domero.logfile=var/log/$<br>> > > {omero.name}.log -Domero.name=Blitz-0 -jar lib/server/blitz.jar --<br>> > Ice.<br>> > > 31994 ? Sl 0:35 java -Xmx256M - <br>> Djava.awt.headless=true -<br>> > > Dlog4j.configuration=etc/log4j-indexing.xml -Domero.logfile=var/<br>> > log/$<br>> > > {omero.name}.log -Domero.name=Indexer-0 -jar lib/server/blitz<br>> > > 31996 ? Sl 0:00 glacier2router --Ice.Config=/data/ <br>> omero-<br>> > > Beta4.1.0/var/master/servers/OMERO.Glacier2/config/config<br>> > > 31997 ? Sl 0:00 icebox --Ice.Config=/data/omero-<br>> > Beta4.1.0/<br>> > > var/master/servers/OMERO.IceStorm/config/config<br>> > > 32004 ? Sl 0:00 python lib/python/runProcessor.py --<br>> > > Ice.Config=/data/omero-Beta4.1.0/var/master/servers/Processor-0/<br>> > > config/config<br>> > > 32095 ? S 0:03 postgres: omero omero3 127.0.0.1(52367)<br>> > > idle<br>> ><br>> > Looks good.<br>> ><br>> > > ...<br>> > ><br>> > > The only thing I see in the weblog is:<br>> > > ...<br>> > > 2009-11-05 20:32:05,491 blitz_gateway: INFO first create <br>> session<br>> > > had errors, hold off 10 secs and retry (but only once)<br>> > > 2009-11-05 20:32:05,509 blitz_gateway: INFO (3) calling<br>> > > createSession()<br>> > > 2009-11-05 20:32:05,563 webgateway : ERROR Critical error <br>> during<br>> > > connect, retrying after _purge<br>> > > 2009-11-05 20:32:05,592 blitz_gateway: INFO host: localhost,<br>> > > port: 4063<br>> > > 2009-11-05 20:32:05,620 blitz_gateway: INFO (1) calling<br>> > > createSession()<br>> > > 2009-11-05 20:32:05,648 blitz_gateway: INFO<br>> > > BlitzGateway.connect().createSession(): Traceback (most recent <br>> call<br>> > > last):<br>> > > File "/data/omero-Beta4.1.0/lib/python/omero/gateway/ <br>> __init__.py",<br>> > > line 423, in connect<br>> > > self._createSession()<br>> > > File "/data/omero-Beta4.1.0/lib/python/omero/gateway/ <br>> __init__.py",<br>> > > line 315, in _createSession<br>> > > self._ic_props[omero.constants.PASSWORD])<br>> > > File "/data/omero-Beta4.1.0/lib/python/omero/clients.py", line <br>> 376,<br>> > > in createSession<br>> > > prx = self.getRouter(self.__ic).createSession(username, <br>> password)<br>> > > File "/usr/lib/python2.4/site-packages/Ice/ <br>> Glacier2_Router_ice.py",<br>> > > line 107, in createSession<br>> > > return _M_Glacier2.Router._op_createSession.invoke(self,<br>> > > ((userId, password), _ctx))<br>> > > PermissionDeniedException:<br>> > > exception ::Glacier2::PermissionDeniedException<br>> > > {<br>> > > reason = permission denied<br>> > > }<br>> > ><br>> > > 2009-11-05 20:32:05,687 blitz_gateway: INFO first create <br>> session<br>> > > had errors, hold off 10 secs and retry (but only once)<br>> > > 2009-11-05 20:32:05,706 blitz_gateway: INFO (3) calling<br>> > > createSession()<br>> > > 2009-11-05 20:32:06,034 views-web : INFO INIT '32218'<br>> ><br>> > That's an authentication failure quite simply. Is this still using <br>> the<br>> > upgrade? Are you logging in using a user that exists in OMERO?<br>> ><br>> > I'm logging in with the "webadmin" user I created with:<br>> > bin/omero web superuser<br>><br>> That's just a superuser for administering the Django settings, it does<br>> not apply to general logins. You'll need to login with whatever<br>> username and password is in your OMERO database (root most likely at<br>> this point).<br>><br>> ><br>> > I'm trying to login to the web:<br>> > http://omero.mbl.edu/webadmin/login/?url=/Webadmin/<br>> ><br>> > This is the upgraded database being used by the Beta4.1.0 version<br>> ><br>> > Here is more confusion on my part.<br>> > /data/omero-Beta4.1.0/lib/python/omeroweb/settings.py<br>> ><br>> > contains database settings for sqlite3, should that be pointing to<br>> > postgresql_psycopg2 and the omero database on postgres?<br>><br>> No, they have nothing to do with each other. The sqlite3 database is<br>> strictly used for the configuration settings of OMERO.web.<br>><br>> ><br>> > > ...<br>> > ><br>> > > Any ideas? Anywhere else I can look?<br>> > ><br>> > > Kent<br>> ><br>> > -Chris<br>><br>> -Chris<br>><br><br></div></body></html>