Omero as authentication provider

Hi all,

I’m building a basic flask app to allow users to create small annotation “cards” - it’s not even beta yet, but I’ll present it here soon. Those cards (toml files) are then used in a script to import & annotate the user’s images.

I can use ldap to authenticate the users, but would it be possible to use omero as an authentication provider?

I tried:

def authenticate(self, username, password):

        client = omero.client(
            host=self.config["OMERO_HOST"], port=self.config["OMERO_PORT"]
        )
        session = client.createSession(username, password)
        with BlitzGateway(client_obj=client) as conn:
            if conn.isConnected():
                response = AuthenticationResponse(
                    status=AuthenticationResponse.success, info=self.get_user_info(conn)
                )
            else:
                response = AuthenticationResponse(
                    status=AuthenticationResponse.fail, info={}
                )

In a OmeroLoginManager class copied from flask-ldap3-login.

But I get:


Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/home/sid/.local/lib/python3.7/site-packages/omero/gateway/__init__.py", line 2229, in connect
    self._createSession()
  File "/home/sid/.local/lib/python3.7/site-packages/omero/gateway/__init__.py", line 2089, in _createSession
    self._ic_props[omero.constants.PASSWORD])
  File "/home/sid/.local/lib/python3.7/site-packages/omero/clients.py", line 653, in createSession
    prx = rtr.createSession(username, password, ctx)
  File "/home/sid/.local/lib/python3.7/site-packages/Glacier2_Router_ice.py", line 258, in createSession
    return _M_Glacier2.Router._op_createSession.invoke(self, ((userId, password), _ctx))
Ice.SocketException: Ice.SocketException:
Cannot assign requested address

This is in a docker container, I tried installing omero-py with pip and with conda in the Dockerfile with the same result.

The Dockerfile is here

I saw this error discussed in september on github by @j.burel and @joshmoore - but I’m not sure I understand how to fix it.

To be clear, I also have the same Ice.SocketException in a shell in the docker, so I don’t think it comes from the flask context.

I changed the Dockerfile to use ubuntu focal instead of original debian but the error persists. With the same version on the host, connection works, so I guess this is a docker issue

Neat idea. I don’t see why not.

Not sure I understand either (yet). Independent of your authenticator code, do logins work, say from the shell?

Also, I don’t see OMERO in docker-compose.yml. Can you show how you are starting everything up?

~Josh

Independent of your authenticator code, do logins work, say from the shell?

yes I can log into omero from the shell on the host machine (where both dockers are running) or from elsewhere, the web client is running nicely.

Can you show how you are starting everything up?

the omero server runs with a modified version of the example installation:

  • Dockerfile for the server is here

  • docker-compose is here

  • env file is here

How have you connected the networks of the two docker setups? e.g. How to link multiple docker-compose services via network · T.J. Telan

~Josh

Configuring the client with the FQDN of the omero server, and not localhost, and actually updating the app config :confused: , fixed the issue. Thanks for the help Josh.

For now the auth code is within the app, but if there is interest, it can be made into a small independent package easily.

1 Like

When you get a chance, sure!
~J

1 Like