Re: [dspace-tech] DSpace 5.X: Switching auth method from LDAP to Shibboleth
On Fri, Feb 10, 2023 at 03:06:53AM -0800, Evelthon Prodromou wrote: > Shibboleth SP is configured properly and attributes are released. > > The problem is with Epersons that were previously created with LDAP > authentication. When the same user attempts to authenticate via Shibboleth > a failure occurs and the following error is logged: > > ERROR org.dspace.authenticate.ShibAuthentication @ The identified EPerson > based upon Shibboleth email header, 'mail'='u...@domain.com', is locked to > another netid: 'a_username'. This might be a possible hacking attempt to > steal another > users credentials. If the user's netid has changed you will need to > manually change it to the correct value or unset it in the database. > > What is the proper way for Identity Scheme Migration (LDAP to Shibboleth)? I'm only guessing here, but it appears that the Shibboleth attribute that you are using for netid has different values for the same account than the LDAP attribute that you have been using. Does your IDP offer another attribute which tracks the LDAP service's attribute? -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan Street Indianapolis, IN 46202 317-274-0749 www.ulib.iupui.edu -- All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx --- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to dspace-tech+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/Y%2BZFlcOhy6pQJUbK%40IUPUI.Edu. signature.asc Description: PGP signature
[dspace-tech] Re: 500 Error is showing in UI
Stop Nginx or Apache and try: # In local.cfg or dspace.cfg dspace.server.url = http://52.15.74.25:8080/server dspace.ui.url = http://52.15.74.25 # In config.prod.yml ui: ssl: false host: Server-IP (Server Private IP) port: 80 rest: ssl: false host: 52.15.74.25 port: 8080 nameSpace: /server 1) yarn test:rest 2) yarn start:prod 3) Access DSpace at http://myIP On Friday, February 10, 2023 at 2:58:35 PM UTC+3 AFA wrote: > I try but it UI is not opening but back-end is working fine > > > $ ts-node --project ./tsconfig.ts-node.json scripts/test-rest.ts > Building production app config > Overriding app config with /opt/dspace-ui/config/config.yml > Overriding app config with /opt/dspace-ui/config/config.prod.yml > ...Testing connection to REST API at http://52.15.74.25:8080/server/api... > > > RESPONSE: 200 > > Checking JSON returned for validity... > "dspaceVersion" = DSpace 7.4 > "dspaceUI" = http://52.15.74.25:80 > "dspaceServer" = http://52.15.74.25:8080/server > > "dspaceServer" property matches UI's "rest" config? true > Does "/api" endpoint have HAL links ("_links" section)? true > Done in 3.40s. > > > On Friday, February 10, 2023 at 4:36:43 AM UTC+5:30 Mohammad S. AlMutairi > wrote: > >> On Wednesday, February 8, 2023 at 4:02:52 PM UTC+3 AFA wrote: >> *I install the DSpace 7.4 Backend successfully in AWS ubuntu 22.04 >> server and It is accessible through MYIP:8080/server* >> >> *and I install the UI also and I did the test run it is also successful >> but I unable to access it through myIP:4000* >> >> *then it is accessible by myIP:80 but it through 500 error, Please help >> me to solve this issue* >> You don't need a web server or a reverse proxy for this unrecommended or >> unsupported configuration. If you have to have it you can stop the >> webserver or disable it and change your configs as you see it below. (For >> this to work you must have dspace version 7.3 or above). >> >> # In local.cfg or dspace.cfg >> dspace.server.url = http://myIP:8080/server >> dspace.ui.url = http://myIP >> >> # In config.prod.yml >> ui: >> ssl: false >> host: myIP >> port: 80 >> >> rest: >> ssl: false >> host: myIP >> port: 8080 >> nameSpace: /server >> >> 1) yarn test:rest >> 2) yarn start:prod >> 3) Access DSpace at http://myIP >> >> BR >> > -- All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx --- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to dspace-tech+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/22fda27a-eb5f-4960-8917-cc86aded8648n%40googlegroups.com.
[dspace-tech] Re: 500 Error is showing in UI
I try but it UI is not opening but back-end is working fine $ ts-node --project ./tsconfig.ts-node.json scripts/test-rest.ts Building production app config Overriding app config with /opt/dspace-ui/config/config.yml Overriding app config with /opt/dspace-ui/config/config.prod.yml ...Testing connection to REST API at http://52.15.74.25:8080/server/api... RESPONSE: 200 Checking JSON returned for validity... "dspaceVersion" = DSpace 7.4 "dspaceUI" = http://52.15.74.25:80 "dspaceServer" = http://52.15.74.25:8080/server "dspaceServer" property matches UI's "rest" config? true Does "/api" endpoint have HAL links ("_links" section)? true Done in 3.40s. On Friday, February 10, 2023 at 4:36:43 AM UTC+5:30 Mohammad S. AlMutairi wrote: > On Wednesday, February 8, 2023 at 4:02:52 PM UTC+3 AFA wrote: > *I install the DSpace 7.4 Backend successfully in AWS ubuntu 22.04 server > and It is accessible through MYIP:8080/server* > > *and I install the UI also and I did the test run it is also successful > but I unable to access it through myIP:4000* > > *then it is accessible by myIP:80 but it through 500 error, Please help me > to solve this issue* > You don't need a web server or a reverse proxy for this unrecommended or > unsupported configuration. If you have to have it you can stop the > webserver or disable it and change your configs as you see it below. (For > this to work you must have dspace version 7.3 or above). > > # In local.cfg or dspace.cfg > dspace.server.url = http://myIP:8080/server > dspace.ui.url = http://myIP > > # In config.prod.yml > ui: > ssl: false > host: myIP > port: 80 > > rest: > ssl: false > host: myIP > port: 8080 > nameSpace: /server > > 1) yarn test:rest > 2) yarn start:prod > 3) Access DSpace at http://myIP > > BR > -- All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx --- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to dspace-tech+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/7e23964c-47b1-44da-af75-92f484166271n%40googlegroups.com.
[dspace-tech] DSpace 5.X: Switching auth method from LDAP to Shibboleth
Hello all, Shibboleth SP is configured properly and attributes are released. The problem is with Epersons that were previously created with LDAP authentication. When the same user attempts to authenticate via Shibboleth a failure occurs and the following error is logged: ERROR org.dspace.authenticate.ShibAuthentication @ The identified EPerson based upon Shibboleth email header, 'mail'='u...@domain.com', is locked to another netid: 'a_username'. This might be a possible hacking attempt to steal another users credentials. If the user's netid has changed you will need to manually change it to the correct value or unset it in the database. What is the proper way for Identity Scheme Migration (LDAP to Shibboleth)? kind regards, Evelthon -- All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx --- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to dspace-tech+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/43c14f75-1b42-4f5d-96e3-10135c8b2397n%40googlegroups.com.