EPrints Technical Mailing List Archive
Message: #07131
< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First
Re: [EP-tech] Shibboleth and local login
- To: <eprints-tech@ecs.soton.ac.uk>
- Subject: Re: [EP-tech] Shibboleth and local login
- From: Yuri <yurj@alfa.it>
- Date: Wed, 7 Feb 2018 10:03:05 +0100
Hi! I'm following: https://wiki.eprints.org/w/Webserver_authentication I've found this in :if( $repository->current_url ne $repository->current_url( path => "cgi", "users/login" ) )
{EPrints::Apache::AnApache::send_status_line( $r, 302, "Need to login first" ); EPrints::Apache::AnApache::header_out( $r, "Location", $login_url );
EPrints::Apache::AnApache::send_http_header( $r ); return DONE; }this create a loop in authentication because it doesn'nt check for /shibboleth/login! perl_lib/EPrints/Apache/Auth.pm
My question is also how I can insert a link to a local authentication because if I follow a link to /cgi/users/login, I get redirected to shibboleth auth. Is it because of the lines above?
To avoid the loop, in auth.pl I've changed this:my $url = URI->new( $session->get_repository->get_conf( "base_url" ) . "/shibboleth/login" ); <- base_url is http, no shibboleth, so the server keep redirecting over and over
to: my $url = "https://<mysite>/shibboleth/login"; So, I think the guide is incomplete or there's something not clear to me... Il 14/12/2017 09:11, Yuri ha scritto:
Ok, so I've just to add a link to /shibboleth/login in /cgi/users/login for people which want to login using shibboleth, isn't it?For redirects it is not a problem, but I think /cgi/users/login already save the loginparams so send you to the wanted page.Il 13/12/2017 11:25, David R Newman ha scritto:Hi Yuri, The actual login page is http://HOSTNAME/cgi/users/login you could include this link for people who want to login using local login. However, must the links that require you to login will still always redirect to shibboleth, so you will have to instruct you local uses that they must click on the local login to ensure they are logged in before trying to use any of the logged in user functionality, You might want to do something clever with the login link to ensure the user gets returned to the same page they were on before they realised they need to login. I am not sure how to do this off the top of my head. Regards David Newman On Wed, 2017-12-13 at 10:53 +0100, Yuri wrote:*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-techHi! reading and implementing this guide: https://wiki.eprints.org/w/Shibboleth every login is handled by Shibboleth. Is there a way to let the user choose betsween local and Shibboleth login? *** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints- tech *** Archive: http://www.eprints.org/tech.php/ *** EPrints community wiki: http://wiki.eprints.org/ *** EPrints developers Forum: http://forum.eprints.org/*** Archive: http://www.eprints.org/tech.php/ *** EPrints community wiki: http://wiki.eprints.org/ *** EPrints developers Forum: http://forum.eprints.org/
- Follow-Ups:
- Re: [EP-tech] Shibboleth and local login
- From: Yuri <yurj@alfa.it>
- Re: [EP-tech] Shibboleth and local login
- References:
- [EP-tech] Shibboleth and local login
- From: Yuri <yurj@alfa.it>
- Re: [EP-tech] Shibboleth and local login
- From: David R Newman <drn@ecs.soton.ac.uk>
- Re: [EP-tech] Shibboleth and local login
- From: Yuri <yurj@alfa.it>
- Re: [EP-tech] Shibboleth and local login
- From: Yuri <yurj@alfa.it>
- [EP-tech] Shibboleth and local login
- Prev by Date: [EP-tech] Citation file refactor part 2.
- Next by Date: Re: [EP-tech] Shibboleth and local login
- Previous by thread: [EP-tech] Sort view with creators_name and corp_creators
- Index(es):