Hi all.
I have written a SAML / ADFS authentication module, and have been able
to implement it successfully for DSpace, but this leaves me with a
problem when it comes to Sword authentication. Due to the nature of SAML
/ ADFS, one is transferred to the ADFS server to be authenticated, and
only sent back to DSpace if the authentication is successful.
Unsuccessful attempts leave you on the ADFS server and for Sword, I need
to do normal Password Authentication (or similar).
The fact that ADFS does not fail back to DSpace means that the
authentication stack cannot move on to the next authentication method.
I have been thinking of changing the Password Authentication method to
make it implicit, which I think will let the stack fall through to SAML
authentication. I have also been thinking in terms of changing the
AuthenticationServiceImpl to try to see which context is calling for
authentication, and if it is sword or swordv2, then simply returning
only the PasswordAuthenticationMethod class.
A nicer idea would be to have separate authentication stacks for
XMLUI/JSPUI and SWORD/SWORDv2.
Can anybody offer some advice on the best way to approach this or
suggest a better way of achieving this?
Kind Regards.
Shaun
--
All messages to this mailing list should adhere to the DuraSpace Code of
Conduct: https://duraspace.org/about/policies/code-of-conduct/
---
You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/dspace-tech.
For more options, visit https://groups.google.com/d/optout.
