[ome-users] Migrating from 3.1.x to 4.1.0

Kent Nasveschuk knasveschuk at mbl.edu
Fri Nov 6 17:32:58 GMT 2009



----- Original Message ----- 
From: "Chris Allan" <callan at lifesci.dundee.ac.uk> 
To: "Kent Nasveschuk" <knasveschuk at mbl.edu> 
Cc: "Bernhard Holländer" <bernhard.voigt at gmail.com>, "Open Microscopy" <ome-users at lists.openmicroscopy.org.uk> 
Sent: Friday, November 6, 2009 10:39:51 AM GMT -05:00 US/Canada Eastern 
Subject: Re: [ome-users] Migrating from 3.1.x to 4.1.0 


On 6 Nov 2009, at 15:32, Kent Nasveschuk wrote: 

> OK I was able to login as root via admin interface. I will leave all 
> settings related to Django pointing to sqlite3. 

*thumbs up* 

> 
> Question, I noticed some stuff related to LDAP, does that mean I 
> could tie user authentication to an OpenLDAP directory? 

Absolutely. 

> If so, can local authentication coexist with LDAP? 

Sure can, yep. 

> Also, I'm assuming I would have to create the user in Omero first, 
> then some how point authentication to LDAP. 

No. Once you set up LDAP authentication, when a user performs a 
successful login that corresponds to an LDAP backed account user 
accounts in OMERO are created automatically. From this point forward 
passwords are the only thing that are looked up in the LDAP directory. 

That's cool, autopopulate. I just added settings to connect to our directory server and it works as you said, grabbing my cn, sn, givenname and mail to populate postgres database. That is wonderful! 

I will fiddle with the allow/deny LDAP settings based on group/attribute/value. I'm sure that this is something that will need to use to restrict access. 

Thanks so much for your help. At the moment I'm out of questions to ask. 

> 
> Thanks for your help. 

No problem. 

> 
> Kent 

-Chris 

> 
> ----- Original Message ----- 
> From: "Chris Allan" <callan at lifesci.dundee.ac.uk> 
> To: "Kent Nasveschuk" <knasveschuk at mbl.edu> 
> Cc: "Bernhard Holländer" <bernhard.voigt at gmail.com> 
> Sent: Friday, November 6, 2009 9:59:10 AM GMT -05:00 US/Canada Eastern 
> Subject: Re: [ome-users] Migrating from 3.1.x to 4.1.0 
> 
> 
> On 6 Nov 2009, at 14:45, Kent Nasveschuk wrote: 
> 
> > 
> > 
> > Kent 
> > 
> > ----- Original Message ----- 
> > From: "Chris Allan" <callan at lifesci.dundee.ac.uk> 
> > To: "Kent Nasveschuk" <knasveschuk at mbl.edu> 
> > Cc: "Bernhard Holländer" <bernhard.voigt at gmail.com> 
> > Sent: Friday, November 6, 2009 7:52:15 AM GMT -05:00 US/Canada 
> Eastern 
> > Subject: Re: [ome-users] Migrating from 3.1.x to 4.1.0 
> > 
> > 
> > On 5 Nov 2009, at 21:12, Kent Nasveschuk wrote: 
> > 
> > > OK, I'm a little farther but can't login to that admin 
> interface. I 
> > > set the web admin user using: 
> > > 
> > > bin/omero web superuser 
> > > answering questions. 
> > > 
> > > Here is the output of bin/omero admin diagnostics 
> > > bash-3.2$ bin/omero admin diagnostics 
> > > 
> > > = 
> > > = 
> > > = 
> > > = 
> > > = 
> > > = 
> > > = 
> > > = 
> > > = 
> > > = 
> > > 
> > 
> ====================================================================== 
> > > OMERO Diagnostics Beta-4.1.0-r5585-b12 
> > > = 
> > > = 
> > > = 
> > > = 
> > > = 
> > > = 
> > > = 
> > > = 
> > > = 
> > > = 
> > > 
> > 
> ====================================================================== 
> > > 
> > > Commands: java -version 1.6.0 (/opt/ 
> > > jdk1.6.0_07/bin/java -- 2 others) 
> > > Commands: python -V 2.4 (/usr/bin/ 
> > python) 
> > > Commands: icegridnode --version 3.3 (/usr/bin/ 
> > > icegridnode) 
> > > Commands: icegridadmin --version 3.3 (/usr/bin/ 
> > > icegridadmin) 
> > > Commands: psql --version 8.1.11 (/usr/bin/ 
> psql) 
> > > 
> > > Server: icegridnode running 
> > > Server: Blitz-0 active (pid = 31983, 
> > > enabled) 
> > > Server: DropBox inactive (disabled) 
> > > Server: FSServer inactive (disabled) 
> > > Server: Indexer-0 active (pid = 31994, 
> > > enabled) 
> > > Server: OMERO.Glacier2 active (pid = 31996, 
> > > enabled) 
> > > Server: OMERO.IceStorm active (pid = 31997, 
> > > enabled) 
> > > Server: Processor-0 active (pid = 32004, 
> > > enabled) 
> > > Server: Tables-0 inactive (disabled) 
> > > Server: TestDropBox inactive (enabled) 
> > > Server: Web inactive (enabled) 
> > > 
> > > Log dir: /data/omero-Beta4.1.0/var/log exists 
> > > 
> > > Log files: Blitz-0.log 73.0 KB errors=0 
> > > warnings=4 
> > > Log files: DropBox.log 3.0 KB errors=4 
> > > warnings=0 
> > > Log files: FSServer.log 1.0 KB errors=2 
> > > warnings=0 
> > > Log files: Indexer-0.log 3.0 KB errors=0 
> > > warnings=2 
> > > Log files: OMEROweb.log n/a 
> > > Log files: Processor-0.log 2.0 KB errors=0 
> > > warnings=1 
> > > Log files: Tables-0.log n/a 
> > > Log files: TestDropBox.log n/a 
> > > Log files: master.err 1.0 KB errors=0 
> > > warnings=4 
> > > Log files: master.out 0.0 KB 
> > > Log files: Total size 0.09 MB 
> > > 
> > > output of bin/omero config get 
> > > -bash-3.2$ bin/omero config get 
> > > omero.data.dir=/data/OMERO 
> > > omero.db.name=omero3 
> > > omero.db.pass=<secret> 
> > > omero.db.user=omero 
> > > 
> > > Tested my connection to postgres running on localhost with 
> username 
> > > and password. That works 
> > > 
> > > Using mod_python and virtualhost on apache2 which works fine. I 
> can 
> > > get to the webadmin and webadmin login. 
> > > 
> > > What's a little confusing is the omero.server an on demand 
> daemon or 
> > > does it need to be running when apache is running? 
> > 
> > It needs to be running when Apache is running. 
> > 
> > > 
> > > I started with bin/omero admin start 
> > > 
> > > ps ax 
> > > ... 
> > > 31948 ? Sl 0:00 icegridnode --daemon --pidfile /data/ 
> > > omero-Beta4.1.0/var/master/master.pid --nochdir --Ice.Config=/ 
> data/ 
> > > omero-Beta4.1.0/etc/internal.cfg,/data/omero-Beta4.1.0/etc/master. 
> > > 31983 ? Sl 0:29 java -Xmx512M - 
> Djava.awt.headless=true - 
> > > Dlog4j.configuration=etc/log4j.xml -Domero.logfile=var/log/$ 
> > > {omero.name}.log -Domero.name=Blitz-0 -jar lib/server/blitz.jar -- 
> > Ice. 
> > > 31994 ? Sl 0:35 java -Xmx256M - 
> Djava.awt.headless=true - 
> > > Dlog4j.configuration=etc/log4j-indexing.xml -Domero.logfile=var/ 
> > log/$ 
> > > {omero.name}.log -Domero.name=Indexer-0 -jar lib/server/blitz 
> > > 31996 ? Sl 0:00 glacier2router --Ice.Config=/data/ 
> omero- 
> > > Beta4.1.0/var/master/servers/OMERO.Glacier2/config/config 
> > > 31997 ? Sl 0:00 icebox --Ice.Config=/data/omero- 
> > Beta4.1.0/ 
> > > var/master/servers/OMERO.IceStorm/config/config 
> > > 32004 ? Sl 0:00 python lib/python/runProcessor.py -- 
> > > Ice.Config=/data/omero-Beta4.1.0/var/master/servers/Processor-0/ 
> > > config/config 
> > > 32095 ? S 0:03 postgres: omero omero3 127.0.0.1(52367) 
> > > idle 
> > 
> > Looks good. 
> > 
> > > ... 
> > > 
> > > The only thing I see in the weblog is: 
> > > ... 
> > > 2009-11-05 20:32:05,491 blitz_gateway: INFO first create 
> session 
> > > had errors, hold off 10 secs and retry (but only once) 
> > > 2009-11-05 20:32:05,509 blitz_gateway: INFO (3) calling 
> > > createSession() 
> > > 2009-11-05 20:32:05,563 webgateway : ERROR Critical error 
> during 
> > > connect, retrying after _purge 
> > > 2009-11-05 20:32:05,592 blitz_gateway: INFO host: localhost, 
> > > port: 4063 
> > > 2009-11-05 20:32:05,620 blitz_gateway: INFO (1) calling 
> > > createSession() 
> > > 2009-11-05 20:32:05,648 blitz_gateway: INFO 
> > > BlitzGateway.connect().createSession(): Traceback (most recent 
> call 
> > > last): 
> > > File "/data/omero-Beta4.1.0/lib/python/omero/gateway/ 
> __init__.py", 
> > > line 423, in connect 
> > > self._createSession() 
> > > File "/data/omero-Beta4.1.0/lib/python/omero/gateway/ 
> __init__.py", 
> > > line 315, in _createSession 
> > > self._ic_props[omero.constants.PASSWORD]) 
> > > File "/data/omero-Beta4.1.0/lib/python/omero/clients.py", line 
> 376, 
> > > in createSession 
> > > prx = self.getRouter(self.__ic).createSession(username, 
> password) 
> > > File "/usr/lib/python2.4/site-packages/Ice/ 
> Glacier2_Router_ice.py", 
> > > line 107, in createSession 
> > > return _M_Glacier2.Router._op_createSession.invoke(self, 
> > > ((userId, password), _ctx)) 
> > > PermissionDeniedException: 
> > > exception ::Glacier2::PermissionDeniedException 
> > > { 
> > > reason = permission denied 
> > > } 
> > > 
> > > 2009-11-05 20:32:05,687 blitz_gateway: INFO first create 
> session 
> > > had errors, hold off 10 secs and retry (but only once) 
> > > 2009-11-05 20:32:05,706 blitz_gateway: INFO (3) calling 
> > > createSession() 
> > > 2009-11-05 20:32:06,034 views-web : INFO INIT '32218' 
> > 
> > That's an authentication failure quite simply. Is this still using 
> the 
> > upgrade? Are you logging in using a user that exists in OMERO? 
> > 
> > I'm logging in with the "webadmin" user I created with: 
> > bin/omero web superuser 
> 
> That's just a superuser for administering the Django settings, it does 
> not apply to general logins. You'll need to login with whatever 
> username and password is in your OMERO database (root most likely at 
> this point). 
> 
> > 
> > I'm trying to login to the web: 
> > http://omero.mbl.edu/webadmin/login/?url=/Webadmin/ 
> > 
> > This is the upgraded database being used by the Beta4.1.0 version 
> > 
> > Here is more confusion on my part. 
> > /data/omero-Beta4.1.0/lib/python/omeroweb/settings.py 
> > 
> > contains database settings for sqlite3, should that be pointing to 
> > postgresql_psycopg2 and the omero database on postgres? 
> 
> No, they have nothing to do with each other. The sqlite3 database is 
> strictly used for the configuration settings of OMERO.web. 
> 
> > 
> > > ... 
> > > 
> > > Any ideas? Anywhere else I can look? 
> > > 
> > > Kent 
> > 
> > -Chris 
> 
> -Chris 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openmicroscopy.org.uk/pipermail/ome-users/attachments/20091106/b3badc32/attachment.html>


More information about the ome-users mailing list