[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[EP-tech] Document Security and Login

Hi All,

We will be moving to SSO soon and as such I would like to change the default functionality of forcing a user to log in when trying to access a restricted document.
I would rather a user be given as error like 'Cannot view this document' or something similar and take them to the abstract page (or keep them at the abstract page if they started there) so they can then request the document.

The issue is, that we have repositories that harvest us, that link directly to the documents and not the abstract pages and this can cause confusion with people coming to us through these.

In the security.pl file I have tried setting it to DENY as a default, rather that have USER, but this hasn't changed anything and under the permit subroutine in Document.pm both DENY and USER return 0, so it looks like there is no difference in these settings.

Does anyone have any idea on how I might be able to do this or where in the code base it determines if it sends the user to a log in page?



Monica Wood
Senior Library Officer - Systems
Library | Academic Division
University of Tasmania
Private Bag 25
Hobart 7001
T +61 3 6226 1849

University of Tasmania Electronic Communications Policy (December, 2014).
This email is confidential, and is for the intended recipient only. Access, disclosure, copying, distribution, or reliance on any of it by anyone outside the intended recipient organisation is prohibited and may be a criminal offence. Please delete if obtained in error and email confirmation to the sender. The views expressed in this email are not necessarily the views of the University of Tasmania, unless clearly intended otherwise.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/eprints-tech/attachments/20170927/70363520/attachment.html