OMERO and LDAP Server configuration

Re: OMERO and LDAP Server configuration

Postby atarkowska » Fri Feb 05, 2016 12:31 pm

Sorry I pasted the same command twice. Could you also show
Code:
bin/omero admin diagnostics
atarkowska
 
Posts: 327
Joined: Mon May 18, 2009 12:44 pm

Re: OMERO and LDAP Server configuration

Postby atarkowska » Fri Feb 05, 2016 12:37 pm

DEBUG:omeroweb.settings:Attempting to import additional app settings for app: tagsearch
DEBUG:omeroweb.settings:Couldn't import settings from app: tagsearch


tagsearch is a part of webtagging and has to be in your PYTHONPATH

Code:
export PYTHONPATH=$PYTHONPATH:/path/to/webtagging


admin diagnostics should show you PYTHONPATH
then to add just:

Code:
bin/omero config append omero.web.apps '"tagsearch"'
bin/omero config append omero.web.ui.top_links '["Tag Search", "tagsearch"]'


Ola
atarkowska
 
Posts: 327
Joined: Mon May 18, 2009 12:44 pm

Re: OMERO and LDAP Server configuration

Postby atarkowska » Fri Feb 05, 2016 12:41 pm

The Django version seems to be 1.6 but, I do remember upgrading to 1.8, anyway, I have upgraded the django version and now I don't see any exception when starting the omero web but, OMERO is not accessible via web. I can see the nginx welcome message, no redirection (adding /webclient/login - gives 404).


Could you show me the output of
Code:
ps aux | grep django.pid


and your nginx config?
atarkowska
 
Posts: 327
Joined: Mon May 18, 2009 12:44 pm

Re: OMERO and LDAP Server configuration

Postby rhamedy » Fri Feb 05, 2016 1:50 pm

Ah, that's why I ignored the first command and only posted the get config output. I updated the previous post to also include the admin diagnostics. Running ps aux | grep django.pid gives the following output:

Code:
omero     4441  0.0  0.0 217632 11572 ?        S    13:00   0:00 /usr/bin/python /bin/gunicorn -D -p /home/omero/OMERO.server-5.2.0-ice35-b12/var/django.pid --bind 127.0.0.1:4080 --workers 5 --worker-connections 1000 --max-requests 0 omeroweb.wsgi:application
omero     4446  0.0  0.4 315048 68868 ?        S    13:00   0:00 /usr/bin/python /bin/gunicorn -D -p /home/omero/OMERO.server-5.2.0-ice35-b12/var/django.pid --bind 127.0.0.1:4080 --workers 5 --worker-connections 1000 --max-requests 0 omeroweb.wsgi:application
omero     4447  0.0  0.4 315060 68872 ?        S    13:00   0:00 /usr/bin/python /bin/gunicorn -D -p /home/omero/OMERO.server-5.2.0-ice35-b12/var/django.pid --bind 127.0.0.1:4080 --workers 5 --worker-connections 1000 --max-requests 0 omeroweb.wsgi:application
omero     4450  0.0  0.4 315068 68876 ?        S    13:00   0:00 /usr/bin/python /bin/gunicorn -D -p /home/omero/OMERO.server-5.2.0-ice35-b12/var/django.pid --bind 127.0.0.1:4080 --workers 5 --worker-connections 1000 --max-requests 0 omeroweb.wsgi:application
omero     4453  0.0  0.4 315080 68888 ?        S    13:00   0:00 /usr/bin/python /bin/gunicorn -D -p /home/omero/OMERO.server-5.2.0-ice35-b12/var/django.pid --bind 127.0.0.1:4080 --workers 5 --worker-connections 1000 --max-requests 0 omeroweb.wsgi:application
omero     4458  0.0  0.4 315088 68888 ?        S    13:00   0:00 /usr/bin/python /bin/gunicorn -D -p /home/omero/OMERO.server-5.2.0-ice35-b12/var/django.pid --bind 127.0.0.1:4080 --workers 5 --worker-connections 1000 --max-requests 0 omeroweb.wsgi:application
root      5269  0.0  0.0 112644   964 pts/1    S+   13:43   0:00 grep --color=auto django.pid


We are running OMERO on CentOS 7.2 and the nginx config is under /etc/nginx/conf.d/omero-web.conf, containing the following:

Code:
upstream omeroweb {
    server 127.0.0.1:4080 fail_timeout=0;
}

server {
    listen 80;
    server_name $hostname;

    sendfile on;
    client_max_body_size 0;

    # maintenance page serve from here
    location @maintenance {
        root /home/omero/OMERO.server-5.2.0-ice35-b12/etc/templates/error;
        try_files $uri /maintainance.html =502;
    }

    # weblitz django apps serve media from here
    location /static {
        alias /home/omero/OMERO.server-5.2.0-ice35-b12/lib/python/omeroweb/static;
    }

    location @proxy_to_app {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_redirect off;

        proxy_pass http://omeroweb;
    }

    location / {

        error_page 502 @maintenance;
        # checks for static file, if not found proxy to app
        try_files $uri @proxy_to_app;
    }
}


I have temporarily removed tagsearch from apps and ui.top_links; I can add it later. The tagsearch and autotag apps are added in the omeroweb directory of OMERO.

I checked /var/log/nginx/error.log and there is an error caused by the request that shows the 404:
Code:
2016/02/05 13:23:31 [error] 4740#0: *5 "/usr/share/nginx/html/webclient/login/index.html" is not found (2: No such file or directory), client: 10.0.1.188, server: localhost, request: "GET /webclient/login/ HTTP/1.1", host: "10.0.0.9"
2016/02/05 13:28:17 [error] 5026#0: *1 "/usr/share/nginx/html/webclient/login/index.html" is not found (2: No such file or directory), client: 10.0.1.188, server: localhost, request: "GET /webclient/login/ HTTP/1.1", host: "10.0.0.9"


Isn't it looking in the wrong location for login/index.html? That location and those files do not exist.

Everything was working fine, as soon as I started fiddling around with LDAP, all this started. The LDAP issue is still not fixed - hopefully soon.

Sorry, got confused with paging (didn't notice the next page). Do you guys have any plan to move to Discourse from phpBB? :)
rhamedy
 
Posts: 17
Joined: Mon Nov 02, 2015 10:27 am

Re: OMERO and LDAP Server configuration

Postby atarkowska » Fri Feb 05, 2016 2:04 pm

Thank you for the update. Did you disable the default config?

In /etc/nginx/conf.d or in nginx.conf there is a default that handles location / and looks into /usr/share/nginx/html

You have to disable it or add a prefix to OMERO.web

Ola
atarkowska
 
Posts: 327
Joined: Mon May 18, 2009 12:44 pm

Re: OMERO and LDAP Server configuration

Postby rhamedy » Fri Feb 05, 2016 2:17 pm

Thank you Ola. After our brief chat in the #ome channel at https://webchat.freenode.net/, the problem was that nginx was loading default.conf from the /etc/nginx/conf.d/ directory, and renaming default.conf to default.conf_disabled resolved the issue (obviously after a force refresh, due to browser cache).

Still waiting on LDAP issue. I will update this post as soon as I have an update.

Cheers.
rhamedy
 
Posts: 17
Joined: Mon Nov 02, 2015 10:27 am
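
The cause found in the posts above, as an added example that is not part of the thread: when no server_name matches the Host header (here a request for host 10.0.0.9 against server_name $hostname), nginx answers from the default server for that port, which is the first block loaded unless one is marked default_server. The function names and the contents of the sample default.conf are assumptions of this example; it scans only a conf.d directory and compares ports, not addresses.

```shell
#!/bin/sh
# Added example: report which conf.d file nginx would use as the default server for a port.
# Assumptions: nginx.conf includes conf.d/*.conf in sorted order, and all server
# blocks listen on the same address, so only the port is compared.
LC_ALL=C; export LC_ALL   # fixed byte-wise glob order: default.conf sorts before omero-web.conf

# list_listeners DIR -> one line per listen directive: "<port> <file> <explicit|implicit>"
list_listeners() {
    for f in "$1"/*.conf; do
        [ -f "$f" ] || continue
        sed 's/#.*//' "$f" | awk -v file="$(basename "$f")" '
            $1 == "listen" {
                port = $2; sub(/;$/, "", port); sub(/^.*:/, "", port)
                print port, file, (($0 ~ /default_server/) ? "explicit" : "implicit")
            }'
    done
}

# default_server_for DIR PORT -> file that answers when no server_name matches the Host header
default_server_for() {
    list_listeners "$1" | awk -v p="$2" '
        $1 == p && $3 == "explicit" { print $2; found = 1; exit }
        $1 == p && first == ""      { first = $2 }
        END { if (!found && first != "") print first }'
}

# make_sample_confd -> temp dir with two constructed configs shaped like the ones in the thread
make_sample_confd() {
    d=$(mktemp -d)
    cat > "$d/default.conf" <<'EOF'
server {
    listen 80;
    server_name localhost;
    location / { root /usr/share/nginx/html; }
}
EOF
    cat > "$d/omero-web.conf" <<'EOF'
server {
    listen 80;
    server_name $hostname;
    location / { try_files $uri @proxy_to_app; }
}
EOF
    echo "$d"
}
```

Running `default_server_for /etc/nginx/conf.d 80` on a host shows whether a packaged default site still sits in front of the application's server block after an install or upgrade.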

Re: OMERO and LDAP Server configuration

Postby atarkowska » Fri Mar 11, 2016 2:50 pm

Hi Raf

As I mentioned to you on IRC, there is no way to skip TLS and no way to log in to OMERO using a blank password.

Ideally, use ldapsearch to verify the LDAP connection

Anonymous:
Code:
ldapsearch -x -LLL -H ldaps://server.domain:port -b "ou=example,o=org" -s sub "(cn=johnsmith)"


or with an LDAP user:
Code:
ldapsearch -x -LLL -H ldaps://server.domain:port -D "cn=ldapomero,ou=example,o=org" -W -b "ou=example,o=org" -s sub "(cn=johnsmith)"


You can download the SSL certificate from a ldap server that is already using it:

Code:
echo -n | openssl s_client -connect serverdomain:port | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/examplecert.crt


then convert
Code:
openssl x509 -in /tmp/examplecert.crt -outform PEM -out /tmp/examplecert.pem


ldapsearch is looking in /etc/openldap/cacerts for its store of trusted CA certificates, and that apparently is not set up by default. You can do it like:
Code:
env LDAPTLS_CACERT=/tmp/examplecert.pem ldapsearch...


Once this works for you it should be easy to set up the appropriate omero.ldap.* config and add the same cert to the Java store https://www.openmicroscopy.org/site/sup ... ruststores


Ola
atarkowska
 
Posts: 327
Joined: Mon May 18, 2009 12:44 pm
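
A check to run between saving the certificate and trusting it, as an added example that is not part of the thread: a certificate fetched with openssl s_client is whatever the remote end presented, so it is compared against a SHA-256 fingerprint obtained from the LDAP administrator over a separate channel before it goes into LDAPTLS_CACERT or the Java trust store. The function names and the constructed self-signed certificate (CN ldap.example.test) are assumptions of this example.

```shell
#!/bin/sh
# Added example: verify a certificate saved from `openssl s_client` before trusting it.
# Assumption: the expected fingerprint was obtained out of band from the LDAP administrator.

# cert_sha256 FILE -> SHA-256 fingerprint as colon-separated upper-case hex
cert_sha256() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 | sed 's/^.*=//'
}

# cert_trustworthy FILE EXPECTED_FP -> 0 only if the fingerprint matches and the cert is unexpired
# Returns 2 if the file cannot be parsed, 1 on mismatch or expiry.
cert_trustworthy() {
    actual=$(cert_sha256 "$1")
    [ -n "$actual" ] || return 2
    want=$(printf '%s' "$2" | tr 'a-f' 'A-F')   # accept lower-case input
    if [ "$actual" != "$want" ]; then
        echo "fingerprint mismatch: got $actual" >&2
        return 1
    fi
    if ! openssl x509 -in "$1" -noout -checkend 0 >/dev/null; then
        echo "certificate has expired" >&2
        return 1
    fi
    return 0
}

# make_sample_cert -> path of a constructed self-signed certificate for trying the check offline
make_sample_cert() {
    d=$(mktemp -d)
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=ldap.example.test" \
        -keyout "$d/key.pem" -out "$d/examplecert.pem" 2>/dev/null
    echo "$d/examplecert.pem"
}
```

In the procedure above it would be called as `cert_trustworthy /tmp/examplecert.pem "<fingerprint from the administrator>"` before the ldapsearch test.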

Re: OMERO and LDAP Server configuration

Postby atarkowska » Fri Mar 11, 2016 3:26 pm

Sorry forgot to mention, to test omero try:

Code:
$ bin/omero ldap active
Previous session expired for ola on localhost:4064
Server: [localhost:4064]
Username: [root]
Password:
Created session 99e6d321-7116-4621-aff4-d67d4ccf510f (root@localhost:4064). Idle timeout: 60 min. Current group: system
Yes


If there are any connection issues
Code:
bin/omero ldap discover
should give an error.

Ola
atarkowska
 
Posts: 327
Joined: Mon May 18, 2009 12:44 pm
