Hi Mark.
Thank you, that's the answer I was looking for :-)
I am working in XMLUI, so yes, I have to do it in cocoon.
I have followed your source and see that you have defined
ShibbolethAction within the ePerson aspect, which is where the work
happens. Happy days :-)
On 2018/10/09 15:16, Mark H. Wood wrote:
On Tuesday, October 9, 2018 at 5:19:55 AM UTC-4, Shaun Donovan wrote:
I think I have the flow right, but it seems that it is the
implementation that is foiling me.
Firstly, I forgot to mention that is authenticating against ADFS,
and looking at the Shibboleth Plugin, it seems as if it would not
quite work for me. I already have spring.security.saml integrated
into DSpace, and want to follow the exact route that Mark has
described, namely:
an implementation of AuthenticationMethod;
UI code to collect user credentials (if needed);
UI code to validate a user's identity with a DSpace EPerson
and call AuthenticationService to complete session creation.
I am struggling to understand how to include my own UI code in
DSpace. For example, I am trying to follow the Shibboleth flow,
which is very close to what I need. In that code, the loginPageURL
is generated base on whether lazy sessions are defined or not. If
not, the loginPageURL is the current URL with /shibboleth-login
tacked onto it.
This obviously re-directs the browser to that URL, but this is
where I cannot trace what is happening. Where is the link that
tells DSpace that /shibboleth-login is a class, and which class. I
have grepped through the deployed code, and cannot find that
mapping anywhere. It is this that is currently stumping me. If I
could find that, I could continue tracing the route and
implementing my own.
Are you working in JSPUI or XMLUI?
In XMLUI, it is the Cocoon "sitemap" which maps URL paths to classes.
The sitemap is contained in a number of 'sitemap.xmap' files: a main
map in [DSpace-source]/dspace-xmlui/src/main/webapp/sitemap.xmap;
per-theme maps in dspace-xmlui/src/main/webapp/themes/*/sitemap.xmap;
and per-aspect maps in
dspace-xmlui/src/main/resources/aspects/*/sitemap.xmap. Authentication
is part of the EPerson aspect, and you should find references to
Shibboleth (including shibboleth-login) in that aspect's map. You
won't find the string in the installed code with 'grep' because it has
been compressed and packed away inside a JAR archive. It is mapped to
a Cocoon Action. You will need to write a similar Action class, define
it in the sitemap, and map it to an otherwise unused URL path (also in
the sitemap).
In JSPUI the URL path is mapped in web.xml using <servlet/> and
<servlet-mapping/> elements, linking it to servlet code which does the
work. I haven't worked in JSPUI in years, so that's about all I can
say offhand. There is also a ShibbolethFilter class in the JSPUI
sources but I have no idea what role it plays.
--
All messages to this mailing list should adhere to the DuraSpace Code
of Conduct: https://duraspace.org/about/policies/code-of-conduct/
---
You received this message because you are subscribed to the Google
Groups "DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to dspace-tech+unsubscr...@googlegroups.com
<mailto:dspace-tech+unsubscr...@googlegroups.com>.
To post to this group, send email to dspace-tech@googlegroups.com
<mailto:dspace-tech@googlegroups.com>.
Visit this group at https://groups.google.com/group/dspace-tech.
For more options, visit https://groups.google.com/d/optout.
--
All messages to this mailing list should adhere to the DuraSpace Code of
Conduct: https://duraspace.org/about/policies/code-of-conduct/
---
You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to dspace-tech+unsubscr...@googlegroups.com.
To post to this group, send email to dspace-tech@googlegroups.com.
Visit this group at https://groups.google.com/group/dspace-tech.
For more options, visit https://groups.google.com/d/optout.