Hi Clive,
Try replacing the code in the getSpcialGroups method in
[dspace-src]/dspace-api/src/main/java/org/dspace/authenticate/DAPHierarchicalAuthentication.java
with the following:
public int[] getSpecialGroups(Context context, HttpServletRequest request)
{
try
{
if (!context.getCurrentUser().getNetid().equals(""))
{
Group staffGroup = Group.findByName(context, "all-staff");
Group studentsGroup = Group.findByName(context, "all-students");
// Does the username start with a '1'?
if ((studentsGroup != null) &&
(context.getCurrentUser().getNetid().startsWith("1")))
{
// Add them to the students group
return new int[] { studentsGroup.getID() };
}
else if (staffGroup != null)
{
// Add them to the staff group
return new int[] { staffGroup.getID() };
}
}
}
catch (Exception npe) {
// The user is not an LDAP user, so we don't need to worry about them
}
return new int[0];
}
Hopefully this should work. You may wish to change the group names which are
set in the code to be 'all-staff' and 'all-students'.
Stuart Lewis
Digital Services Programmer
Te Tumu Herenga The University of Auckland Library
Auckland Mail Centre, Private Bag 92019, Auckland 1142, New Zealand
Ph: 64 9 373-7599 x81928
http://www.library.auckland.ac.nz/
From: clive gould [mailto:[email protected]]
Sent: Monday, 27 April 2009 4:59 a.m.
To: [email protected]
Subject: Re: [Dspace-tech] Special Groups
Hi Stuart
I'm at a loss to know where to find the getSpecialGroups method.
I've tried locate and grep recursively without success.
All student id's are numeric and begin with the number 1
All I need is a fragment of code as follows:
IF first character of EPerson name is not 1 THEN
Add EPerson to staff special group
ENDIF
I guess it would look something like this: (N.B. I'm not a java programmer!)
if (context.getCurrentUser().getEPersonl()!=='1') {
??????????
}
How and where do I go about coding this please?
Thnaks very much indeed.
Clive
On Thu, Apr 23, 2009 at 10:36 PM, Stuart Lewis <[email protected]> wrote:
Hi Clive,
The code you need to write will either need to go in the getSppecialGroups
method, or in the authenticate method.
Ideally it would go in the former, but it depends on whether you can derive the
group you need to add the user to from their EPerson details. For example if
you can tell from their netid or email whether they are staff or students, then
you can write code in getSpecialGroups along the lines of
if (context.getCurrentUser().getEmail().contains("@students.bromley.ac.uk"))
to decide if a user matches.
However if the information cannot be derived from their EPerson information,
but you need the information from their LDAP record (e.g. to look up group
memberships) instead, then you'll have to add code in the authenticate method.
You need to find where in the code the user gets authenticated, decide which
groups to add the user to based upon their user profile, then use the api call
context.setSpecialGroup(int groupID).
I hope this helps,
Stuart Lewis
Digital Services Programmer
Te Tumu Herenga The University of Auckland Library
Auckland Mail Centre, Private Bag 92019, Auckland 1142, New Zealand
Ph: 64 9 373-7599 x81928
http://www.library.auckland.ac.nz/
From: clive gould [mailto:[email protected]]
Sent: Friday, 24 April 2009 2:12 a.m.
To: [email protected]
Subject: [Dspace-tech] Special Groups
Hi
I have published in my DSpace install blog information on installing DSpace
1.5.2 on CentOS 5.3 and getting DSpace/AD authentication working:
http://www.linuxtraining.org.uk/blogger.html
Now I am starting to wonder if anyone managed to get more than one special
group working with DSpace with LDAP/AD authentication?
What I am interested in is getting:
* Staff users from AD automatically added to a staff special group in DSpace
* Student users from AD automatically added to a student special group in
Dspace.
I understand this may involve writing code associated with the
getSpecialGroups methods.
Automatic group membership for staff and students in DSpace worked well with
RADIUS authentication, but the RADIUS module won't work for me any longer :(
Has anyone got this working with LDAP authentication I wonder?
Thanks in advance
Clive
Clive Gould
Bromley College
------------------------------------------------------------------------------
Register Now & Save for Velocity, the Web Performance & Operations
Conference from O'Reilly Media. Velocity features a full day of
expert-led, hands-on workshops and two days of sessions from industry
leaders in dedicated Performance & Operations tracks. Use code vel09scf
and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf
_______________________________________________
DSpace-tech mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspace-tech
