EPrints Technical Mailing List Archive

Message: #04217

< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

[EP-tech] Re: Shibboleth/SAML and ePrints 3.3.x

Hi Matt,

I know your original query was some time ago you asked but it took a
while to get round to having time to do a Shibboleth setup on a recent
OS (in this case CentOS 7) and then to write up some comprehensive and
hopefully clear instructions.  Anyway, they are now available at:

http://wiki.eprints.org/w/Shibboleth

I will admit the instructions are quite long-winded, as there are quite
a number of steps to install and the configure Shibboleth, before you
even get onto configuring EPrints and Apache.  However, a lot of the
stuff on this page is example configuration, which maybe makes the
amount of work look more than it is.

Any feedback and/or suggested amendments to the wiki page would be
appreciated.  I am sure the way I have explained one or two things might
need some clarification.

I am not adverse to the suggestion of making the "Configuring Apache and
EPrints" stage into a Bazaar package but there is no way of automating
the "Installing Shibboleth" and "Configuring Shibboleth" stages, as
these will vary between operating systems and require adding/modifying
files outside the EPrints scope.  I do not have the time at present to
write such a Shibboleth EPrints Bazaar package but if someone else is
keen, do not let me stop you.

Regards

David Newman



On Wed, 2015-04-22 at 23:34 +0000, Matthew Brady wrote:
> Hi Alen, Thanks for the pointers..  I will have a read through your links and see what I can come up with and get working...
> Hi David,  running on RH6, and we are aiming to have this running as SSO for current authenticated users, and then fall back to the usual login screen if the SSO fails (e.g for internal eprint accounts)
> 
> Thanks for the guidance.
> 
> Matt
> 
> 
> -----Original Message-----
> From: eprints-tech-bounces@ecs.soton.ac.uk [mailto:eprints-tech-bounces@ecs.soton.ac.uk] On Behalf Of alen vodopijevec
> Sent: Wednesday, 22 April 2015 5:51 PM
> To: eprints-tech@ecs.soton.ac.uk
> Subject: [EP-tech] Re: Shibboleth/SAML and ePrints 3.3.x
> 
> Hi!
> 
> I have got it working 2 years ago and describe it here:
> https://github.com/alenkovich/Eprints-AAI-EduHr-Auth
> 
> Currently I will have to implement it again on 3.3.13 but I'm looking into using mod_auth_mellon instead od auth_memcookie
> 
> https://github.com/UNINETT/mod_auth_mellon
> 
> Hope it helps..
> 
> Regards,
> alen
> 
> 
> 
> On 04/22/2015 01:40 AM, Matthew Brady wrote:
> > Hi All,
> >
> > I am looking at implementing Shibboleth/SAML in our version of ePrints.
> > Just wondering if anyone has done this for the 3.3.x versions, as the 
> > only documentation I can find is from 2009, and I think goes back to 
> > about 2.3.x.
> >
> > Any help/doco/instructions a little more recent would be most appreciated.
> >
> > Cheers
> >
> > Matt.
> >
> > *Matt Brady *
> >
> > University of Southern Queensland
> >
> > Toowoomba | Queensland | 4350 | Australia
> >
> > _____________________________________________________________
> > This email (including any attached files) is confidential and is for the intended recipient(s) only. If you received this email by mistake, please, as a courtesy, tell the sender, then delete this email.
> >
> > The views and opinions are the originator's and do not necessarily reflect those of the University of Southern Queensland. Although all reasonable precautions were taken to ensure that this email contained no viruses at the time it was sent we accept no liability for any losses arising from its receipt.
> >
> > The University of Southern Queensland is a registered provider of education with the Australian Government.
> > (CRICOS Institution Code QLD 00244B / NSW 02225M, TEQSA PRV12081 )
> >
> >
> >
> > *** Options: 
> > http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
> > *** Archive: http://www.eprints.org/tech.php/
> > *** EPrints community wiki: http://wiki.eprints.org/
> > *** EPrints developers Forum: http://forum.eprints.org/
> >
> *** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
> *** Archive: http://www.eprints.org/tech.php/
> *** EPrints community wiki: http://wiki.eprints.org/
> *** EPrints developers Forum: http://forum.eprints.org/
> 
> 
> _____________________________________________________________
> This email (including any attached files) is confidential and is for the intended recipient(s) only. If you received this email by mistake, please, as a courtesy, tell the sender, then delete this email.
> 
> The views and opinions are the originator's and do not necessarily reflect those of the University of Southern Queensland. Although all reasonable precautions were taken to ensure that this email contained no viruses at the time it was sent we accept no liability for any losses arising from its receipt.
> 
> The University of Southern Queensland is a registered provider of education with the Australian Government.
> (CRICOS Institution Code QLD 00244B / NSW 02225M, TEQSA PRV12081 )
> 
> 
> *** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
> *** Archive: http://www.eprints.org/tech.php/
> *** EPrints community wiki: http://wiki.eprints.org/
> *** EPrints developers Forum: http://forum.eprints.org/