See the Mailing Lists Page for how to subscribe and unsubscribe.
eprints_tech messages
Please note: this page shows emails that have been sent to the eprints_tech mailing list. Some of these may be spam emails we have failed to filter.
Re: [EP-tech] Alternate authentication
From: Ian Stuart <Ian.Stuart AT ed.ac.uk>
Date: Fri, 26 Sep 2008 09:07:46 +0100
| Threading: | ↑ [EP-tech] Alternate authentication from g.knights AT qut.edu.au • This Message |
*** ↵ http://www.eprints.org/tech.php/id/%3CEMEW-k8P97r2160a023399f33d2ee27eb6978bc6b1e-48DC9852.1070207%40ed.ac.uk%3E *** EPrints community wiki - http://wiki.eprints.org/ Guy Knights wrote: > Thanks for those links Ian - I appreciate that they provide a lot of > info related to my issue. However, I'm having a little trouble with > the 'parallel authentication routine' script, it says most of the > code is in a file which they've called 'myCode.pl', in > archives/ARCHIVEID/cfg/cfg.d/. Where is it specified within EPrints > that this file should be read and the code executed? The wiki page > talks about this file, but doesn't explain how EPrints is instructed > to look at this file. The 'authenticate_user' routine they specify > goes in this file, but how and when is it executed? Ah, right.... perhaps this should be added to the page somewhere: When eprints start, having loaded all it's core modules and code, it loads all the (*.pl?) files in the archives/ARCHIVEID/cfg/cfg.d/ and add *those* routines into the mod-perl environment. This is how you can over-ride core eprints code; extend core eprints packages (as I do with sub EPrints::DataObj::User::user_with_puid {} in http://wiki.eprints.org/w/Add_a_parallel_authentication_routine), or just add extra subroutines generally... So, to get my bespoke authentication handler, I edited sub handler{} in perl_lib/EPrints/Apache/Login.pm and added the following code near the top: # NEW CODE FRAGMENT # Do we have a bespoke authentication routine? if( $session->get_repository->can_call( 'authenticate_user' ) ) { return $session->get_repository->call( 'authenticate_user', $session, $r ); } This looks to see if there is a subroutine 'authenticate_user' (which has hopefully been defined in some .pl file in .../cfg/cfg.d ) and returns whatever that call returns. If the routine isn't there, then EPrints just does it's normal authentication routines. [I did it this way so that the concept could be added to the core EPrints code :chuckle: ] The basic process I devised is thus: Handler: Do we have a current eprints session cookie? (looks in ticket table) N - Bounce the user off to get authenticated. - user authenticates. - Set an eprints session cookie - Store an identifier on the "new" auth table - bounce user back to their original page Y - Can we get user from EPrints ticket table? Y - Get user details, and log them in N - Can we get details from the auth table? N - Bounce user over to manual login pages Y - Can we get a user based on identifier in auth table N - Bounce user over to manual login pages Y - Create record in ticket table - bounce user to their original page -- Ian Stuart. Bibliographics and Multimedia Service Delivery team, EDINA, The University of Edinburgh. http://edina.ac.uk/ The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336.
[index] [prev] [next] [options] [help]