Hi Bruc, Thanks for the reply and help. I understand this can be done. But we are already using MS Active Directory which already has NTLM Single Sign On features I received some patches on this forum but unfortunately I could not get it working till now.
I have already integrated dspace with LDAP and users can login to dspace but again dspace is not fetching the user's details from the MS AD which ideally it should do. Now I am looking to enable NTLM authentication through which users can have SSO access across the LAN. If any body has done this successfully please let me know. With Regards Ehtesham -----Original Message----- From: Bruc Liong [mailto:[EMAIL PROTECTED] Sent: Friday, December 14, 2007 5:31 AM To: Nikolas Lam; Mohammad Ehtesham Cc: dspace-tech@lists.sourceforge.net Subject: RE: [Dspace-tech] External database authentication in dspace Sorry being late to pick on this. Shibboleth allows SSO to applications, hence once they've logged to Moodle, they can access dspace resources and despite being asked to login (in fact it's just a set of redirects, user never needs to login anymore), they will gain access to resources in dspace right away. There is a patch for dspace to "shibbolize" it (search on patch section) We've done much work on shibboleth and dspace, you can visit our demo as follow: 0) go to http://openidp.federation.org.au and create an account for yourself (this is a free test IdP for shibboleth in our federation).make sure you use valid email address (we don't use your email address for anything, only to send you initial confirmation link of account creation) 1) go to http://sp-dspace1.mams.org.au/dspace14 (this is dspace1.4 deployed, vanilla) 2) go to MySpace and choose Shibboleth login 3) choose "TestFed OpenIdP" and login with your account 4) there is an interface in this openIdP that ask whether you'd like to release your info (click "yes", "release required attributes", "go to service using this card"). This interface is one of the tool, Autograph, we're offering as part of our federation to safeguard user's privacy. Note that if you play with releasing and denying attributes, make sure you do *not* delete mail and principalname as this is needed for dspace. 5) you should arrive authenticated and your account is automatically created in dspace (there are options for this shibbolized dspace). 6) now navigate to http://sp-dspace2.mams.org.au (this one old dspace 1.3 ?) 7) click on MySpace again 8) if you may not notice, but you don't need to login again, but you're still asked for releasing your attributes to confirm that you're happy to release your attributes, click "go to service" 9) you should be automatically signed on as well on that service. You can try to browse through documents there, but most documents have access control restriction, hence your account may not be able to access them. The above is sufficient to show how the SSO happening between dspaces. If you don't have Autograph installed, then your users will not see pages on steps 4 and 8. Let me know if that helps and if you'd need further clarification. Bruc > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:dspace-tech- > [EMAIL PROTECTED] On Behalf Of Nikolas Lam > Sent: Wednesday, 28 November 2007 10:39 AM > To: Mohammad Ehtesham > Cc: dspace-tech@lists.sourceforge.net > Subject: Re: [Dspace-tech] External database authentication in dspace > > On Tue, 2007-11-27 at 12:30 +0530, Mohammad Ehtesham wrote: > > Thanks for your reply Nik, > > > > I have checked the links and it seems using shibboleth it is > possible. > > > > I want to discuss further, I have already integrated our LMS (moodle) > > with our organization's MS AD (LDAP server) and I think we can > integrate > > it with Dspace as well and this will give same sign on to both. But I > am > > looking for the feature to enable single sign on (Once the user is > > logged in LMS (Moodle) his/her login authentication should pass on to > > dspace as well). > > > > Dspace should not prompt the users to login. > > > > Looking forward for the suggestions > > I think one of the selling points of Shibboleth is single sign-on. > > I've only had a relatively light investigation of it so far. It's > probable that we'll be implementing the infrastructure at USyd > "soonish" > for the cross-institutional collaboration that it would facilitate. > Until then, I'm afraid I've no expertise on the subject, but the > Shibboleth web site has a many links to resources including mailing > lists that you could make use of. > > Also, I'm sure people here and on the mailing lists of moodle and > joomla > would be keen to help if you come up with questions specific to > integrating shibboleth into dspace, moodle and joomla respectively. > > Cheers, > > Nik > > > > > > > > > ----------------------------------------------------------------------- > -- > SF.Net email is sponsored by: The Future of Linux Business White Paper > from Novell. From the desktop to the data center, Linux is going > mainstream. Let it simplify your IT future. > http://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4 > _______________________________________________ > DSpace-tech mailing list > DSpace-tech@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/dspace-tech DISCLAIMER:"The information contained in this message and the attachments (if any) may be privileged and confidential and protected from disclosure. You are hereby notified that any unauthorized use, dissemination, distribution or copying of this communication, review, retransmission, or taking of any action based upon this information, by persons or entities other than the intended recipient, is strictly prohibited. If you are not the intended recipient or an employee or agent responsible for delivering this message, and have received this communication in error, please notify us immediately by replying to the message and kindly delete the original message, attachments, if any, and all its copies from your computer system. Thank you for your cooperation." ------------------------------------------------------------------------- SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech
