On Wed, Aug 04, 2021 at 05:54:30PM -0400, Keith Jones wrote: > I've recently set up shibboleth on my institutional repository to do > authentication. Previously authentication was done via CAS. I'm > running into the following problem, I am getting some accounts that > authenticate without problem but also have other existing accounts > that fail and I'm not able to get new accounts to be created. > > Have others run into the same issue?
We also moved from CAS to Shibboleth recently, and have so far found one user who could not login after the change. I don't recall the precise issue, but I would start by comparing the database rows for a succeeding and a failing user. I had to manually fix the failing user's EPerson row. [time passes] Aha, I found some emails about it. The problem here was that we had an EPerson with a null 'password' field (suggesting that it was registered from a CAS login) and also a null 'netid'. Apparently (a) we didn't capture the netid properly during registration, and (b) our CAS login provider is able to match on the email field instead. (I haven't looked into that code yet.) Shibboleth is sending us email addresses for *some* users, but not all. I haven't yet found out why. So the Shib provider couldn't match on email and couldn't match on netid. What I did was to set the 'netid' for this EPerson to the appropriate value -- that is: the username portion of the email address. So email "[email protected]" => netid "jquser". -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan Street Indianapolis, IN 46202 317-274-0749 www.ulib.iupui.edu -- All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx --- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/YQvlItICewL62ycP%40IUPUI.Edu.
signature.asc
Description: PGP signature
