[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[EP-tech] Antwort: Re: ADFS login?



Hi Andrew (and others),

I have added a test script for LDAP to the wiki page (under LDAP 
testing).  Looking at the user_login.pl already on the wiki page, the 
most likely issue is getting the $base and $dn variables and the filter 
for the LDAP search set correctly.

Regards

David Newman


On 24/05/2017 14:13, Andrew Beeken wrote:

> I think the main problem is my perl knowledge is fairly minimal so I?m 
> not really sure how I?d go about testing this. I?ve got all the LDAP 
> login criteria from other projects and I just plugged them into the 
> script here: 
> https://wiki.eprints.org/w/LDAP#LDAP_Authentication_with_On-Demand_Creation_of_Users
>
> Any advice you can give to getting a manual test working on this would 
> be great J
>
> *From:*eprints-tech-bounces at ecs.soton.ac.uk 
> [mailto:eprints-tech-bounces at ecs.soton.ac.uk] *On Behalf Of *Denis 
> Pitzalis
> *Sent:* 24 May 2017 13:49
> *To:* Eprints Tech Mailing List <eprints-tech at ecs.soton.ac.uk>
> *Subject:* Re: [EP-tech] Antwort: Re: ADFS login?
>
> Hi all,
>
> I have a LDAP installation up and running that you can check here: 
> http://en.unesco.org/mediabank
>
> LDAP works like charm (Thanks Tim :) ) and I am planning now to move 
> to ADFS. Unfortunately LDAP supports a lot of scenarios did you first 
> test your LDAP with a simple perl script? If you get this done, you 
> are at 80% of the work. I am planning also to share my devs on github, 
> so stay tuned!
>
> Denis
>
> On Wed, May 24, 2017 at 2:42 PM, Andrew Beeken <anbeeken at lincoln.ac.uk 
> <mailto:anbeeken at lincoln.ac.uk>> wrote:
>
>     Thanks Martin,
>
>     I?ve had a look at getting this working using a self-certified SSL
>     on my dev box but it doesn?t seem to be too happy. To the group ?
>     has anyone got this running? Does anyone actually have a working
>     LDAP/ADFS login implementation? I know our EPrints currently uses
>     a system however it is this component that I?m trying to find a
>     more graceful solution for.
>
>     *From:*eprints-tech-bounces at ecs.soton.ac.uk
>     <mailto:eprints-tech-bounces at ecs.soton.ac.uk>
>     [mailto:eprints-tech-bounces at ecs.soton.ac.uk
>     <mailto:eprints-tech-bounces at ecs.soton.ac.uk>] *On Behalf Of
>     *martin.braendle at id.uzh.ch <mailto:martin.braendle at id.uzh.ch>
>     *Sent:* 19 May 2017 07:12
>     *To:* eprints-tech at ecs.soton.ac.uk
>     <mailto:eprints-tech at ecs.soton.ac.uk>
>     *Subject:* [EP-tech] Antwort: Re: ADFS login?
>
>     Andrew,
>
>     this is on LDAP, but it might be a beginning:
>     https://wiki.eprints.org/w/LDAP
>
>     Cheers,
>
>     Martin
>
>     Inactive hide details for Andrew Beeken ---18/05/2017
>     17:02:06---Any thoughts on this? I am importing users from our
>     live systeAndrew Beeken ---18/05/2017 17:02:06---Any thoughts on
>     this? I am importing users from our live system which have
>     usernames and ID numbers
>
>     Von: Andrew Beeken <anbeeken at lincoln.ac.uk
>     <mailto:anbeeken at lincoln.ac.uk>>
>     An: "eprints-tech at ecs.soton.ac.uk
>     <mailto:eprints-tech at ecs.soton.ac.uk>"
>     <eprints-tech at ecs.soton.ac.uk <mailto:eprints-tech at ecs.soton.ac.uk>>
>     Datum: 18/05/2017 17:02
>     Betreff: Re: [EP-tech] ADFS login?
>     Gesendet von: eprints-tech-bounces at ecs.soton.ac.uk
>     <mailto:eprints-tech-bounces at ecs.soton.ac.uk>
>
>     ------------------------------------------------------------------------
>
>
>
>
>     Any thoughts on this?
>
>     I am importing users from our live system which have usernames and
>     ID numbers matching our active directory so I?m hoping that it
>     shouldn?t be too hard to authenticate. My ideal process would be:
>
>     ? User logs in ?
>     ? Are they in the user table?
>
>     o If not, add them and authenticate
>     o If so, authenticate
>
>
>     That would enable our creator browse to pick them up after a
>     single log in, however we would probably have to figure out a
>     process for removing users after they leave or deactivating them
>     somehow. The big question is, of course, if their username is
>     reused (which I?m told shouldn?t happen!)
>
>     *From:*eprints-tech-bounces at ecs.soton.ac.uk
>     <mailto:eprints-tech-bounces at ecs.soton.ac.uk>
>     [mailto:eprints-tech-bounces at ecs.soton.ac.uk] *On Behalf Of
>     *Andrew Beeken*
>     Sent:* 15 May 2017 16:42*
>     To:* eprints-tech at ecs.soton.ac.uk
>     <mailto:eprints-tech at ecs.soton.ac.uk>*
>     Subject:* [EP-tech] ADFS login?
>
>     Hello all!
>
>     Another thing I want to do is introduce an ADFS or similar based
>     login system into the new migration of EPrints. As I mentioned,
>     all users I?m migrating over have usernames and ID number that are
>     relative to our internal systems, so I?d like to be able to
>     authenticate logins against those systems and create new users
>     where applicable. Again, is there any known methods (plugins etc)
>     out there for doing this?
>
>     Ta!
>     Andrew
>     *
>     The University of Lincoln, located in the heart of the city of
>     Lincoln, has established an international reputation based on high
>     student satisfaction, excellent graduate employment and
>     world-class research.*
>
>     The information in this e-mail and any attachments may be
>     confidential. If you have received this email in error please
>     notify the sender immediately and remove it from your system. Do
>     not disclose the contents to another person or take copies.
>
>     Email is not secure and may contain viruses. The University of
>     Lincoln makes every effort to ensure email is sent without
>     viruses, but cannot guarantee this and recommends recipients take
>     appropriate precautions.
>
>     The University may monitor email traffic data and content in
>     accordance with its policies and English law. Further information
>     can be found at: http://www.lincoln.ac.uk/legal.*** Options:
>     http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
>     *** Archive: http://www.eprints.org/tech.php/
>     *** EPrints community wiki: http://wiki.eprints.org/
>     <http://wiki.eprints.org/>
>     *** EPrints developers Forum: http://forum.eprints.org/
>     <http://forum.eprints.org/>
>
>
>     *** Options:
>     http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
>     *** Archive: http://www.eprints.org/tech.php/
>     *** EPrints community wiki: http://wiki.eprints.org/
>     *** EPrints developers Forum: http://forum.eprints.org/
>     <http://forum.eprints.org/>
>
>
>
> -- 
>
> *Denis Pitzalis, PhD <mailto:d.pitzalis at unesco.org>*
> Web Architect/Lead Developer <http://www.unesco.org>
>
> ERI/DPI/WEB <http://www.unesco.org>
> 7, place de Fontenoy
> 75007 ?Paris ?France <https://goo.gl/maps/U2TEZ2x14MM2>
> Tel. +33 (0) 1 45 68 18 16
>
> http://www.unesco.org
>
>
>
> *** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
> *** Archive: http://www.eprints.org/tech.php/
> *** EPrints community wiki: http://wiki.eprints.org/
> *** EPrints developers Forum: http://forum.eprints.org/



---
This email has been checked for viruses by AVG.
http://www.avg.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/eprints-tech/attachments/20170524/a4d33b85/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 105 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/eprints-tech/attachments/20170524/a4d33b85/attachment-0001.gif