Hi Vegard, I'll admit, I'm not as familiar with Kerberos myself. But, DSpace does not come with a Keberos authentication plugin. Therefore, DSpace does not support Kerberos out-of-the-box. Here's the authentication plugins which are provided:
https://wiki.duraspace.org/display/DSDOC5x/Authentication+Plugins If you are willing to do some Java programming (or have someone onsite), it may be possible for you to build a custom Kerberos authentication plugin for DSpace (by implementing a new "org.dspace.authenticate.AuthenticationMethod"). I'd recommend looking at some of the existing Authentication plugins as examples: https://github.com/DSpace/DSpace/tree/master/dspace-api/src/main/java/org/dspace/authenticate It's also possible someone else has found a way to use DSpace with Kerberos. If so, hopefully they'll speak up and share their code and/or experiences in doing so. - Tim On 5/11/2015 9:16 AM, Vegard Korvald wrote: > Anyone? I would be really greatful if someone could help me resolve this > issue. > > I can shorten the question: > Is it possible to authenticate with Kerberos and still autoregister epersons > into groups? The best solution for us would be to use unix filegroups to see > which eperson belongs to which group. > > > -- > Vegard > > >> -----Original Message----- >> From: Vegard Korvald >> Sent: Wednesday, April 29, 2015 4:57 PM >> To: dspace-tech@lists.sourceforge.net >> Subject: Kerberos and filegroups >> >> Hello, >> >> We're considering using DSpace for our researchers who work with videos and >> other data. We'll mainly use DSpace as a frontend for metadata in the >> database. I have a couple of questions. >> >> 1. Is it possible to authenticate with Kerberos? If so, is it also possible >> to >> autoregister a user in a group on the first logon based on unix filegroups >> or AD? >> I know that it's possible with LDAP authentication and AD, but we can't use >> LDAP as authentication for AD, only Kerberos. The best option for us would be >> to authenticate with Kerberos and autoregister users in groups by using unix >> filegroups. All users will not be in the same group and one user might be a >> member of several groups. Is this possible? >> >> 2. I want the files in DSpace to be useable by other software as well. For >> example a video in DSpace should not have to be downloaded before the >> user can analyze it with a software. DSpace will only be used as a frontend >> to >> the database for metadata purposes and we don't want to store the files as a >> 38-digit internal ID, unless we have to. We want the users to be able to see >> the same files on disk as they see in dspace. This means that the dspace >> groups and the filegroups has to be the same. I've looked at "Registering >> Bitstreams via Simple Archive Format" and if I understand it correctly it >> might >> be a solution. It's very important that these files are not available for >> everyone on disk. The "dspace" user should be the owner of the file, and a >> filegroup should give some users access to the file on disk for analyzing. >> Typically the dspace groups should correspond with the filegroups. Is this >> doable with DSpace? >> >> Please let me know if I need to clarify anything. >> >> >> -- >> Vegard > > > ------------------------------------------------------------------------------ > One dashboard for servers and applications across Physical-Virtual-Cloud > Widest out-of-the-box monitoring support with 50+ applications > Performance metrics, stats and reports that give you Actionable Insights > Deep dive visibility with transaction tracing using APM Insight. > http://ad.doubleclick.net/ddm/clk/290420510;117567292;y > _______________________________________________ > DSpace-tech mailing list > DSpace-tech@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/dspace-tech > List Etiquette: > https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette > ------------------------------------------------------------------------------ One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y _______________________________________________ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
