EPrints Technical Mailing List Archive

See the EPrints wiki for instructions on how to join this mailing list and related information.

Message: #05522

[EP-tech] Errors after Shibboleth login

To: "eprints-tech@ecs.soton.ac.uk" <eprints-tech@ecs.soton.ac.uk>
Subject: [EP-tech] Errors after Shibboleth login
From: "Funk, Nelli" <nelli.funk@ulb.tu-darmstadt.de>
Date: Thu, 24 Mar 2016 07:55:15 +0000

Hello,

I’m new to eprints developing. My task was to make shibboleth working as login for eprints.

The user who upload a document to eprints is a students and the document is his bachelor or master thesis. So they are unknown user for eprints. I need a login with autocreating user. I mainly tried two websites with different login-skripts

1.) http://wiki.eprints.org/w/Shibboleth

I get a shibboleth session with all the attributes I need, but no user is created in the eprints user table and I get a accout_required - page.

My attributes are:

uid
sn
givenname
eduPersonEntitlement
transientId
eduPersonScopedAffiliation
email

Maybe some of them are not really needed. But I suppose that in the instruction uid is not set, so the user can’t be stored in the database.

2.) http://wiki.eprints.org/w/Webserver_authentication

In the second instruction the user is created, but the rewrite goes to https://myurl/cgi/users/home. The error page I get, is in german. I would translate it as a rewriting exception. "The page is rewrited to an endless loop. It may happen, if cookies are not set."

For this instruction there could be an error in my apache configuration, because other eprint archives we have without shibboleth, go to this URL after login and get a page with content. So here is my apache configuration for the v_host in ssl:

<VirtualHost *:443>

  ServerName ….

  ServerAdmin ….

# SSL DEFINITIONS (deleted, because not important) 

Alias /shibboleth /usr/share/eprints/archives/myarchive/shibboleth

  <Location "/shibboleth">

    SetHandler perl-script

    PerlHandler ModPerl::Registry

    PerlSendHeader Off

    Options ExecCGI FollowSymLinks

    AuthType shibboleth

    # RequireSession Version von DFN...

    ShibRequireSession On

    # ShibRequestSetting requireSession 1

    # require shib-session

    require valid-user

  </Location>

  <Location /cgi/shibboleth>

    AuthType shibboleth

    ShibRequestSetting requireSession 1

    Require shib-session

  </Location>

  <Location "">

   PerlSetVar EPrints_ArchiveID testshib

   Options +ExecCGI

   # Order allow,deny

   # Allow from all

   # Require all granted

  </Location>

  # Note that PerlTransHandler can't go inside

  # a "Location" block as it occurs before the

  # Location is known.

  PerlTransHandler +EPrints::Apache::Rewrite

  CustomLog /var/log/apache2/my_access_ssl.log combined

  ErrorLog  /var/log/apache2/my_error_ssl.log

</VirtualHost>

I don’t know how to solve my problem and which one is easier. If I missed anything or the explanation is not clear, just ask.

It would be fine, if someone could help me.

Regards

Nelli Funk

--------------------------------------------------

Nelli Funk

Universitäts- und Landesbibliothek
Magdalenenstr. 8
64289 Darmstadt

Tel.: 06151 16-76227

Prev by Date: [EP-tech] Errors after Shibboleth login
Next by Date: Re: [EP-tech] Errors after Shibboleth login
Previous by thread: Re: [EP-tech] Modifying Latest Additions
Next by thread: Re: [EP-tech] Errors after Shibboleth login
Index(es):
- Date
- Thread