Hi Gessy, That looks like a possible configuration issue (maybe related with trying to use v5.x configs for v6.x?) in the "authentication-shibboleth.cfg" or "authentication.cfg" or similar.
Your debugging output is saying that the configurations DSpace uses to find the proper Shibboleth headers are all set to *null*. In other words, it sounds like the configurations for Net ID and Email in your "authentication-shibboleth.cfg" are "null" *or* your "authentication-shibboleth.cfg" file is not being found. These are the configs it is reporting as set to "null": https://github.com/DSpace/DSpace/blob/dspace-6_x/dspace/config/modules/authentication-shibboleth.cfg#L91-L92 Keep in mind, the configuration system behind DSpace changed between 5.x and 6.x, which makes me wonder if you are trying to reuse old 5.x configs in your 6.x site. See the "WARNING" in step #8 of the upgrade process: https://wiki.lyrasis.org/display/DSDOC6x/Upgrading+DSpace and the red warning here: https://wiki.lyrasis.org/display/DSDOC6x/Configuration+Reference#ConfigurationReference-Thelocal.cfgConfigurationPropertiesFile All in all, I'd recommend double checking your Shibboleth configurations in your 6.3 install. It sounds like they are currently only partially correct (in that the connection to Shibboleth still works, but DSpace doesn't know which fields you want to pull in from Shibboleth). Good luck, Tim ________________________________ From: [email protected] <[email protected]> on behalf of Gessy Junior <[email protected]> Sent: Monday, February 17, 2020 9:43 AM To: DSpace Community <[email protected]> Subject: [dspace-community] DSpace 6.3 + nginx + shibboleth problem Hi, I'm using version 5.7 of DSpace with nginx and Shibboleth authentication and everything is working fine. But now I need to update to version 6.3 and I followed all the procedures described in the documentation and I successfully managed to upgrade. However, shibboleth authentication does not work. Using DEBUG mode i observed the following 2020-02-17 12:24:39,447 INFO org.dspace.app.webui.discovery.DiscoverUtility @ facets for scope, null: 4 722f73686962626f6c6574682d7370=_723d8cb35039733075ea508c9ac3b106; JSESSIONID=62A806BA7ADEA88D185DC8DBD8B97DBE' auth_type='shibboleth' remote_user='xxxxxxxxx' shib-application-id='default' shib-authentication-instant='2020-02-12T18:59:10.886Z' shib-authentication-method='urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified' shib-authncontext-class='urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified' shib-ep-orgdn='o=XXXX' shib-ep-orgunitdn='ou=grad,ou=XXXX,o=XXXX' shib-ep-primaryaffiliation='student' shib-handler='https://xxxx.xxx.xxx.xxx/Shibboleth.sso' shib-identity-provider='https://xxx.xxx.xxx/shibboleth' shib-inetorgperson-givenname='Gessy' shib-person-commonname='Gessy' shib-person-mail='[email protected]' shib-person-uid='login' shib-person-surname='Junior' shib-session-expires='1581541151' shib-session-id='_723d8cb35039733075ea508c9ac3b106' shib-session-inactivity='1581540032' shib-session-index='cc6cbb0337efd651aeee991136423ae3cbe46f9b203a30dd044944937a20b831' shib-brperson-datanascimento='30121899' shib-ufmgperson-status='EmailDominio_A' shib-ufmgperson-urlemail='http://correio.xxxx.xxx.xxx/' affiliation='[email protected]' eppn='[email protected]' unscoped-affiliation='student' 2020-02-12 17:40:32,909 ERROR org.dspace.authenticate.ShibAuthentication @ Shibboleth authentication was not able to find a Ne tId, Email, or Tomcat Remote user for which to indentify a user from. 2020-02-12 17:40:32,910 ERROR org.dspace.authenticate.ShibAuthentication @ Unable to register new eperson because we are unabl e to find an email address along with first and last name for the user. NetId Header: 'null'='null' (Optional) Email Header: 'null'='null' First Name Header: 'null'='null' Last Name Header: 'null'='null' I see from the logs that the HTTP header is being filled in with the correct values and are reaching tomcat and possibly DSpace but he can't seem to get the header data. Someone can help me? Thank you Gessy -- All messages to this mailing list should adhere to the DuraSpace Code of Conduct: https://duraspace.org/about/policies/code-of-conduct/ --- You received this message because you are subscribed to the Google Groups "DSpace Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-community/16dc5050-8308-4639-8425-651ae8bc826c%40googlegroups.com<https://groups.google.com/d/msgid/dspace-community/16dc5050-8308-4639-8425-651ae8bc826c%40googlegroups.com?utm_medium=email&utm_source=footer>. -- All messages to this mailing list should adhere to the DuraSpace Code of Conduct: https://duraspace.org/about/policies/code-of-conduct/ --- You received this message because you are subscribed to the Google Groups "DSpace Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-community/DM5PR2201MB1148E2443377B745BE0A2A34ED110%40DM5PR2201MB1148.namprd22.prod.outlook.com.
