This is the only error log line before the one I posted earlier: 2012-09-25 09:11:13,082 ERROR org.dspace.authenticate.ShibAuthentication @ Shibboleth authentication was not able to find a NetId, Email, or Tomcat Remote user for which to indentify a user from.
We are using Shibboleth 2.0 on a CentOS 5.8 system. Which details of the attribute-map.xml exactly do you need? The respective headers (eppn, givenName, surname, mail) are definitely correct, and they work for the JSPUI. Since I am not the administrator for the IDP or the actual server I don't know which config you are talking about (passing the attributes to Tomcat) -- can you tell me how to find them? Best, Joachim On 09/24/2012 09:31 PM, Benjamin Ryan wrote: > Joachim, > Can you send the part of the log before the error message that lists > what headers have been passed? > Also can you say what Shibboleth SP you are using (version, platform, > OS etc) and details of the attribute-map.xml plus the config that you are > using in Apache to get the "attributes" passed to Tomcat. > > Regards, > Ben > > ------------------------------------------------------------------ > Dr Ben Ryan > Jorum Technical Manager > > 5.12 Roscoe Building > The University of Manchester > Oxford Road > Manchester > M13 9PL > Tel: 0160 275 6039 > E-mail:[email protected] > ------------------------------------------------------------------ > > -----Original Message----- > From: Joachim Bingel [mailto:[email protected]] > Sent: 24 September 2012 15:41 > To:[email protected] > Subject: [Dspace-tech] Shibboleth Authentication in XMLUI > > Hi, > > I have successfully set up Shibboleth authentication for the 1.8.2 JSPUI, but > in the XMLUI it fails. A look into the log file tells me that the needed > credentials cannot be found: > > 2012-09-24 16:36:20,515 ERROR org.dspace.authenticate.ShibAuthentication > @ Unable to register new eperson because we are unable to find an email > address along with first and last name for the user. > NetId Header: 'eppn'='null' (Optional) > Email Header: 'mail'='null' > First Name Header: 'givenName'='null' > Last Name Header: 'surname'='null' > > As said, this works for the JSPUI. The respective property names (eppn, mail, > givenName, surname) are correctly set, this is how the IdP returns them. > > Thanks in advance for your help, > Joachim > > -- > Joachim Bingel > Institut für Deutsche Sprache, Zentrale Forschung R5, 6-13, 68161 Mannheim > +49 - (0)621-1581-456 |http://www.ids-mannheim.de > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats.http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > DSpace-tech mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/dspace-tech > -- Joachim Bingel Institut für Deutsche Sprache, Zentrale Forschung R5, 6-13, 68161 Mannheim +49 - (0)621-1581-456 |http://www.ids-mannheim.de ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ DSpace-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dspace-tech
