EPrints Technical Mailing List Archive

Message: #05522

< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

[EP-tech] Errors after Shibboleth login


I’m new to eprints developing. My task was to make shibboleth working as login for eprints. 
The user who upload a document to eprints is a students and the document is his bachelor or master thesis. So they are unknown user for eprints. I need a login with autocreating user. I mainly tried two websites with different login-skripts 

I get a shibboleth session with all the attributes I need, but no user is created in the eprints user table and I get a accout_required - page. 
My attributes are: 
  • uid
  • sn
  • givenname
  • eduPersonEntitlement
  • transientId
  • eduPersonScopedAffiliation
  • email
Maybe some of them are not really needed. But I suppose that in the instruction uid is not set, so the user can’t be stored in the database. 

In the second instruction the user is created, but the rewrite goes to https://myurl/cgi/users/home. The error page I get, is in german. I would translate it as a rewriting exception. "The page is rewrited to an endless loop. It may happen, if cookies are not set."
For this instruction there could be an error in my apache configuration, because other eprint archives we have without shibboleth, go to this URL after login and get a page with content. So here is my apache configuration for the v_host  in ssl:

<VirtualHost *:443>
  ServerName ….
  ServerAdmin ….
# SSL DEFINITIONS (deleted, because not important) 

Alias /shibboleth /usr/share/eprints/archives/myarchive/shibboleth
  <Location "/shibboleth">
    SetHandler perl-script
    PerlHandler ModPerl::Registry
    PerlSendHeader Off
    Options ExecCGI FollowSymLinks

    AuthType shibboleth
    # RequireSession Version von DFN...
    ShibRequireSession On
    # ShibRequestSetting requireSession 1
    # require shib-session
    require valid-user

  <Location /cgi/shibboleth>
    AuthType shibboleth
    ShibRequestSetting requireSession 1
    Require shib-session

  <Location "">
   PerlSetVar EPrints_ArchiveID testshib
   Options +ExecCGI
   # Order allow,deny
   # Allow from all
   # Require all granted

  # Note that PerlTransHandler can't go inside
  # a "Location" block as it occurs before the
  # Location is known.
  PerlTransHandler +EPrints::Apache::Rewrite

  CustomLog /var/log/apache2/my_access_ssl.log combined
  ErrorLog  /var/log/apache2/my_error_ssl.log


I don’t know how to solve my problem and which one is easier. If I missed anything or the explanation is not clear, just ask. 
It would be fine, if someone could help me. 
Nelli Funk
Nelli Funk
Universitäts- und Landesbibliothek 
Magdalenenstr. 8
64289 Darmstadt

Tel.: 06151 16-76227