> Surely users "would" work with an SSO as long as the user details include the > username (I'd really hope so! ;) ), then all you'd need to do is a standard > sso bounce pageā¦
Yes, of course. There are out-of-the-box integrations with CAS, Shibboleth, LDAP, etc. available. All I was trying to say is that the Model Loader is currently hardcoded to create accounts with an internal authentication strategy (i.e. local username and password). We just have to make a code change to the Model Loader to allow for accounts to be created with a different authentication strategy. Note that OAE has account ids, which are the ids that are used behind the scenes to refer to that user. An account id can be associated to multiple authentication strategies. This for examples allows for a user to sign into their account using both their CAS account and their Google id, or for a user to take their account with them when their institutional id change. Therefore, the SSO username is recorded as part of the authentication strategy for that user, not the account itself. Hope that helps, Nicolaas On 3 Feb 2014, at 11:17, Andrew Martin <andrew.mar...@newcastle.ac.uk> wrote: > Yeah, probably just migrating existing users and stub sites/project areas > with the same names would be good enough... And maybe the files from the > resource section (but that might be asking a bit much!). I'm sort of not > "too" bothered about migrating the content of the CLE tools as, well, how to > put this politely... they're not very good. > > Surely users "would" work with an SSO as long as the user details include the > username (I'd really hope so! ;) ), then all you'd need to do is a standard > sso bounce page... > > * Redirect someone at shib/cas etc... and get a valid auth bounce > * When the user is redirected back the code needs to be able to start a user > session in oae for the given username and tie the username to the oae account > > I have a "little" experience with this from CLE, Blackboard and Panopto > dabblings. > > Andrew > > -----Original Message----- > From: oae-dev-boun...@collab.sakaiproject.org > [mailto:oae-dev-boun...@collab.sakaiproject.org] On Behalf Of Nicolaas > Matthijs > Sent: 03 February 2014 11:07 > To: Andrew Martin > Cc: oae-dev@collab.sakaiproject.org > Subject: Re: [oae-dev] Basic Hilary start up question... > > Hi Andrew, > >> Just a wayward thought, you couldn't format cle data in such a way you >> could use the model loader to "migrate" to oae? Quite happy to go read >> some docs somewhere if there's anything already online along those >> lines... > > That's an interesting thought, although we haven't experimented with that > yet. The Model Loader uses a 2 step approach where it first generates all of > the data to be loaded and writes it to a number of text files. This allows > for the same generated data to be loaded multiple times. The second step is > the actual data loading using the REST APIs. In theory, it should be possible > to write part of your data in that same format, but you might find that the > Model Loader requires some code changes before this really works (e.g. the > Model Loader currently isn't able to create accounts that will then be able > to sign in using institutional SSO). > > Obviously, you also wouldn't be able to migrate all of the data, as CLE and > OAE have a different set of functionality. > > Hope that helps, > Nicolaas > > > On 3 Feb 2014, at 10:20, Andrew Martin <andrew.mar...@newcastle.ac.uk> wrote: > >> Thanks Nicolaas, haven't had time to do the suggestions from last week >> yet... :( but yeah, that does sound interesting. >> >> Just a wayward thought, you couldn't format cle data in such a way you could >> use the model loader to "migrate" to oae? Quite happy to go read some docs >> somewhere if there's anything already online along those lines... >> >> Andrew >> >> -----Original Message----- >> From: Nicolaas Matthijs [mailto:nicolaasmatth...@googlemail.com] On >> Behalf Of Nicolaas Matthijs >> Sent: 31 January 2014 17:51 >> To: Andrew Martin >> Cc: oae-dev@collab.sakaiproject.org >> Subject: Re: [oae-dev] Basic Hilary start up question... >> >> Hi Andrew, >> >> We do have something that's called the Model Loader [1]. This is a utility >> that is able to generate users, groups, content items, discussions, >> comments, etc. with dummy content and load them into a running OAE >> installation. This utility is being used to seed a tenant with a large >> amount of production-like data before running performance tests, as well as >> for demos. >> >> Whilst the Model Loader doesn't create a new tenant itself, it might still >> be useful when playing around with the system. >> >> [1] https://github.com/oaeproject/OAE-model-loader >> >> Hope that helps, >> Nicolaas >> >> >> >> On 30 Jan 2014, at 10:32, Andrew Martin <andrew.mar...@newcastle.ac.uk> >> wrote: >> >>> All, >>> Just thinking a little more... would it be possible to make a csql >>> script that pre-populated Cassandra with some tables that would make an >>> example tenant? i.e. just something quick and dirty so that us newbies can >>> get to grips with "something" that works straight away? >>> >>> Andrew >>> >>> >>> -----Original Message----- >>> From: oae-dev-boun...@collab.sakaiproject.org >>> [mailto:oae-dev-boun...@collab.sakaiproject.org] On Behalf Of Andrew >>> Martin >>> Sent: 30 January 2014 10:24 >>> To: 'Nicolaas Matthijs' >>> Cc: 'oae-dev@collab.sakaiproject.org' >>> Subject: Re: [oae-dev] Basic Hilary start up question... >>> >>> Hello (again?) Nicolaas... think we may have briefly met at sakai paris >>> some time ago? >>> >>> Thanks, I saw your reply before Brendan's, I'll try the curl route and >>> I'll try Brendan's suggestions too, having an admin url you could expose >>> externally (temporarily) would be my preferred choice, although I'm not >>> unfamiliar with REST interfaces so may be able to figure it out.... >>> >>> I'm "very" encouraged that oae has been re-written in js + node, as much as >>> I like Java (amongst other languages) and have a background in it, I've >>> been doing a lot of work recently with phonegap/cordova and node.js and >>> have grown a fondness to it.... however if I had a pound for every time I >>> told someone I was writing something in javascript and that person rolled >>> their eyes I would be a very rich man right now. >>> >>> I'm yet to dig too deeply (or get a working service) yet but I'm hoping >>> this incarnation of sakai is what I think it might be (REST/JSON based, >>> node plugins, better documentation, more open community), my dev experience >>> with CLE so far can be simply summed up with the word "frustrating". >>> >>> Andrew >>> >>> -----Original Message----- >>> From: Nicolaas Matthijs [mailto:nicolaasmatth...@googlemail.com] On >>> Behalf Of Nicolaas Matthijs >>> Sent: 30 January 2014 09:38 >>> To: Andrew Martin >>> Cc: oae-dev@collab.sakaiproject.org >>> Subject: Re: [oae-dev] Basic Hilary start up question... >>> >>> Hi Andrew, >>> >>> If you did want to use cURL to create a tenant, you should be able to >>> follow these steps: >>> >>> 1) Get a session cookie by logging in as the global administrator: >>> >>> ADMIN_COOKIE=$(curl -s -e "/" --cookie-jar - >>> -d"username=administrator" -d"password=<adminPassword>" >>> http://<youradminhost>/api/auth/login | grep connect.sess | cut -f 7) >>> >>> 2) Create the new tenant through the REST API: >>> >>> curl -d "alias=newcastle&displayName=University of >>> Newcastle&host=ncl.oae.com" --cookie connect.sess=${ADMIN_COOKIE} -e >>> "/" http://<youradminhost>/api/tenant/create >>> >>> Hope that helps, >>> Nicolaas >>> >>> >>> On 30 Jan 2014, at 08:56, Branden Visser <mrvis...@gmail.com> wrote: >>> >>>> Hi Andrew, >>>> >>>> Exposing the global administrative console publicly should be fine >>>> but not mandatory -- assuming you have locked it down with a >>>> sufficiently complex password and have put in provisions for brute-force >>>> attempts. >>>> It will be much easier for you to have admin access through a browser. >>>> Technically you could use cURL to interact with it, but you'll have >>>> to manually mingle with a cookie. >>>> >>>> In order to have a tenant that you can host users on, you'll need to >>>> log in to the administrative interface and create one. >>>> >>>> Hope that helps, >>>> Branden >>>> >>>> On Wed, Jan 29, 2014 at 7:53 AM, Andrew Martin >>>> <andrew.mar...@newcastle.ac.uk> wrote: >>>>> Hello all, >>>>> >>>>> I have a question that I suspect has a simple answer >>>>> but I'd like to check.... >>>>> >>>>> >>>>> >>>>> I've followed the big readme at >>>>> https://github.com/oaeproject/Hilary/blob/3.0.0/README.md and >>>>> managed to get all the dependencies working (I "think"), I'm >>>>> currently at the bit where you have to set up tenants and I'm >>>>> hitting the "418 status code" problem >>>>> (http://collab.sakaiproject.org/pipermail/oae-dev/2013-September/003606.html). >>>>> This seems to be remedied by going to admin.oae.com on the local >>>>> machine... >>>>> however my install is on a headless centos, so how do I login to >>>>> the administrative console without a GUI? Stuff like lynx/links >>>>> borks and says I need javascript, which is kinda what I expected! I >>>>> don't know whether I should have made the admin url externally >>>>> available.... >>>>> somehow (which doesn't sound like a good idea) or whether you just >>>>> "can't" set up oae without a GUI browser? >>>>> >>>>> >>>>> >>>>> Regards >>>>> >>>>> >>>>> >>>>> Andrew Martin >>>>> >>>>> >>>>> >>>>> Research and Collaborative Services >>>>> >>>>> Newcastle University >>>>> >>>>> >>>>> _______________________________________________ >>>>> oae-dev mailing list >>>>> oae-dev@collab.sakaiproject.org >>>>> http://collab.sakaiproject.org/mailman/listinfo/oae-dev >>>>> >>>> _______________________________________________ >>>> oae-dev mailing list >>>> oae-dev@collab.sakaiproject.org >>>> http://collab.sakaiproject.org/mailman/listinfo/oae-dev >>> >>> _______________________________________________ >>> oae-dev mailing list >>> oae-dev@collab.sakaiproject.org >>> http://collab.sakaiproject.org/mailman/listinfo/oae-dev >>> _______________________________________________ >>> oae-dev mailing list >>> oae-dev@collab.sakaiproject.org >>> http://collab.sakaiproject.org/mailman/listinfo/oae-dev >> > > _______________________________________________ > oae-dev mailing list > oae-dev@collab.sakaiproject.org > http://collab.sakaiproject.org/mailman/listinfo/oae-dev _______________________________________________ oae-dev mailing list oae-dev@collab.sakaiproject.org http://collab.sakaiproject.org/mailman/listinfo/oae-dev
