Upload assistant login issues
legacy....@gmail.com
Herrick, Rick
Is he specifying the full URL to the server, including “http://” or “https://”? Or is there possibly an application context getting left off? For example, if you have your XNAT hosted at http://myplace.edu/xnat and he’s just entering myplace.edu…
Try checking to see if these fix the issue. If not, we can turn on logging and maybe try running the upload assistant through a proxy to capture the traffic between the client and your server.
--
Rick Herrick
Sr. Programmer/Analyst
Neuroinformatics Research Group
Washington University School of Medicine
Voice: (314) 273-1645
Web: http://www.xnat.org
Twitter: @NrgXnat
--
You received this message because you are subscribed to the Google Groups "xnat_discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
xnat_discussi...@googlegroups.com.
To post to this group, send email to
xnat_di...@googlegroups.com.
Visit this group at https://groups.google.com/group/xnat_discussion.
For more options, visit https://groups.google.com/d/optout.
The materials in this message are private and may contain Protected Healthcare Information or other information of a sensitive nature. If you are not the intended recipient, be advised that any unauthorized use, disclosure, copying or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this email in error, please immediately notify the sender via telephone or return mail.
legacy....@gmail.com
Herrick, Rick
OK, let me know what you find out. You could also try using some kind of command-line client like curl or httpie from the user’s machine, something like this:
$ http --auth admin xnatdev.xnat.org/data/projects
http: password for ad...@xnatdev.xnat.org:
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Security-Policy: frame-ancestors 'self'
Content-Type: application/json
Date: Wed, 03 Jan 2018 19:19:45 GMT
Expires: 0
Pragma: no-cache
Server: nginx/1.10.3 (Ubuntu)
Set-Cookie: JSESSIONID=33F128A8A5B70E4BF5C92AFE37D775E2; Path=/; HttpOnly
Set-Cookie: SESSION_EXPIRATION_TIME="1515007185277,900000"; Version=1; Path=/
Transfer-Encoding: chunked
Vary: Accept-Charset, Accept-Encoding, Accept-Language, Accept
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
{
"ResultSet": {
"Result": [
{
"ID": "XNAT_01",
"URI": "/data/projects/XNAT_01",
"description": "",
"name": "XNAT 01",
"pi_firstname": "",
"pi_lastname": "",
"secondary_ID": "XNAT 01"
}
],
"totalRecords": "1"
}
}
Instead of “admin” you can try the username that’s failing with the upload assistant as well as another “known good” account, i.e. one that’s working with the upload assistant.
--
Rick Herrick
Sr. Programmer/Analyst
Neuroinformatics Research Group
Washington University School of Medicine
Phone: +1 (314) 273-1645
From: "xnat_di...@googlegroups.com" <xnat_di...@googlegroups.com> on behalf of "legacy....@gmail.com" <legacy....@gmail.com>
Reply-To: "xnat_di...@googlegroups.com" <xnat_di...@googlegroups.com>
Date: Wednesday, January 3, 2018 at 12:00 PM
To: "xnat_di...@googlegroups.com" <xnat_di...@googlegroups.com>
--
You received this message because you are subscribed to the Google Groups "xnat_discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
xnat_discussi...@googlegroups.com.
To post to this group, send email to
xnat_di...@googlegroups.com.
Visit this group at https://groups.google.com/group/xnat_discussion.
For more options, visit https://groups.google.com/d/optout.
legacy....@gmail.com
Herrick, Rick
No, there’s not. This is a bit of a tricky situation because of how XNAT determines which provider to use for authentication. As you figured out, if there’s just a single entry for a username in the user auth table, that’s what XNAT uses, but if there are duplicates it will default to localdb unless there’s an extra parameter (login_method) that specifies the ID of the provider to use. The upload assistant has no way to specify that parameter.
Sean, I created an issue in our JIRA for this and had a couple questions about your configuration:
* How are you configuring your LDAP provider?
* On your XNAT’s login page, do you get a drop-down list that lets users select between providers?
There’s a gap in 1.7 where it doesn’t look like XNAT lets you disable or hide auth providers (1.6 had a property “provider.providers.enabled” that doesn’t seem to get checked any more). I’m actually working on a refactor of the authentication provider architecture that will add that ability back in as well as let admins dynamically enable and disable providers (as well as make providers invisible) through the admin UI rather than changing properties files (bonus is that changing the properties files requires a restart of the server, but changing the provider configurations through the UI should allow dynamic creation and updating of provider definitions without a restart).
--
Rick Herrick
Sr. Programmer/Analyst
Neuroinformatics Research Group
Washington University School of Medicine
Phone: +1 (314) 273-1645
From: "xnat_di...@googlegroups.com" <xnat_di...@googlegroups.com> on behalf of "legacy....@gmail.com" <legacy....@gmail.com>
Reply-To: "xnat_di...@googlegroups.com" <xnat_di...@googlegroups.com>
Date: Thursday, January 4, 2018 at 9:49 AM
To: "xnat_di...@googlegroups.com" <xnat_di...@googlegroups.com>
Subject: Re: [XNAT Discussion] Upload assistant login issues
Rick,
I compared the two users in the database and found that the affected user had two records in the xhbm_xdat_user_auth table (one for LDAP and the other for LocalDB). I performed a dump of the database and removed the LocalDB record (we use LDAP authentication) and now the user can log in. Is there a property/setting somewhere I need to set up so the desktop uploader will use LDAP authentication if there are two records in the xhbm_xdat_user_auth table.
--
You received this message because you are subscribed to the Google Groups "xnat_discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
xnat_discussi...@googlegroups.com.
To post to this group, send email to
xnat_di...@googlegroups.com.
Visit this group at https://groups.google.com/group/xnat_discussion.
For more options, visit https://groups.google.com/d/optout.