Re: [Dspace-tech] OAI-PMH HARVESTING. HELP REQUEST
Hi Marco Your repository can work with any qualified set of dublincore, there are no limitations (except some intrincsic to Dspace data model.., that´s another thing). OAI specification says that, at least, simple Dublin Core must be supported, but doesn´t put any limits to support another metadata schemas. In fact, the Dspace version 4 support 12 formats in an standard way (uketd_dc, dim, oai_dc, marc, etdms, xoai, qdc, rdf, ore, mods, and didl)being oai_dc, the simple DublinCore and qdc the qualified Dublin Core. The way OAI expose your metadata from your internal representation ( qualified dc set-library application profile) to the external representations is via CROSSWALKS that sets the transformations rules between schemas (and values and...) You can see (and play with) an example of this multiplicity at http://demo.dspace.org/oai/request?verb=ListMetadataFormats regards Emilio Lorenzo El 07/07/2014 19:08, Marco Tomassini escribió: Hallo. We should need a help by someone of the list. We have installed the overdated Dspace version 1.5.2 to manage our institutional repository, non publicly evailable (it's unfortunately hidden by a firewall). We use a qualified dc set (library application profile). We need to harvest the repository data in a qualified way (elements + attributes., eg /dc.description.abstract= [value]/) towards another application. But we've read in the OAI documentation at URL http://www.openarchives.org/OAI/openarchivesprotocol.html the following: For purposes of interoperability, repositories *must* disseminate Dublin Core http://purl.org/DC/documents/rec-dces-19990702.htm, without any qualification http://purl.org/DC/documents/rec/dcmes-qualifiers-2711.htm Do you know if there's a solution to this, please? Thanks best regards Marco Tomassini and Paola Mancini Scuola Normale Superiore, Pisa, Italy -- Marco Tomassini Centro Biblioteca della Scuola Normale Superiore Piazza dei Cavalieri, 7 - 56100 - PISA sito web: http://biblio.sns.it/ email: m.tomass...@sns.it mailto:m.tomass...@sns.it tel: +39 (0)50 509 352 Skype: tomassinisns Le informazioni contenute nel presente email e negli eventuali relativi allegati possono essere riservate e sono, comunque, destinate al destinatario in indirizzo. Sono vietate pertanto la diffusione, distribuzione e/o copiatura di tali informazioni da parte di qualsiasi soggetto diverso dal destinatario. -- Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] OAI-PMH HARVESTING. HELP REQUEST
Hi Marco, as Emilio said, oai_dc (unqualified DC) is mandatory, but any number of other formats can be made available at the same time. DSpace also has support for qdc (qualified DC). Here's how you can activate it in your DSpace version: http://dspace.org/sites/dspace.org/files/archive/1_5_2Documentation/ch05.html#N12520 Then you'll request qdc by adding the metadataPrefix=qdc parameter to the ListRecords or GetRecord verbs. Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] IP Authentication
Hi Tim, thank you for that information, this explains perfectly, why I'm having trouble trying to write to a collection using IP authentication. I have tried what you described (being assigned to the administrator group for one IP address after logging in, independently from the specific user rights) - but unfortunately that does not work either. That scenario would fit my needs (of course it would be more comfortable by IP authentication, but I understand that is a possible security hole). So I guess its really impossible to assign the Admin role to someone, whose login data is not assigned to the Admin group. I'll try solving that problem by investigating the LDAP-authentication a little bit more - all our users are authenticated via LDAP, if its possible to assign ADMIN rights to some LDAP authenticated members, it would be sufficient. Otherwise I'll describe my use case more detailed in your ticketing system. Thanks again for that information! Best - Oliver Am 07.07.2014 17:03, schrieb Tim Donohue: Hi Oliver, I suspect there may be an assumption in the IP Authentication plugin that you are using it for READ access rather than full ADMIN access. The reality here is that the IP Authentication plugin was built primarily for one use case -- to allow unauthenticated users *READ* access to restricted content, based on an IP range. For example, if you use DSpace in a Library, you could provide users at a Library computer full-access to materials, while requiring authentication at a non-Library computer. We never really anticipated using IP Authentication for non-READ access rights, as it could be considered a security hole. For example, if someone gained access to your computer (which has ADMIN rights via IP) or that IP was accidentally allocated to a different computer, then someone else could suddenly have the ability to delete all the content in your DSpace. So, ADMIN rights are much more tightly controlled and require some form of password. That being said, I suspect the following *MAY* work: (1) Setup IP Authentication on the ADMIN Group for a specific IP, e.g. 127.0.0.1 (2) Have each of your Admins create an Account with DSpace. But, do NOT add them to the Administrator group. (3) Have them LOGIN (with their acct password) from the IP address in #1 (e.g. 127.0.0.1). They should be automatically a member of the Administrator group, as they are logged in from the IP address in question. If this doesn't quite meet your needs, or work how you'd like it to, then I'd recommend creating a new Feature Request ticket which describes the use case(s) you need to meet. That way we can review how IP Authentication currently works, and decide whether we can enhance it to meet your use cases. Here's a link to our ticketing system: https://jira.duraspace.org/browse/DS/ Also feel free to ask any followup questions here, if I've misunderstood! - Tim On 7/4/2014 3:16 AM, Oliver Goldschmidt wrote: Hi, I have tested if IP auth is working for groups different to Administrator group. I think it doesn't. That was my test scenario: - I have created TESTGROUP without any members - I have created a collection TESTCOLLECTION, in which only TESTGROUP can publish - I have configured authentication-ip.cfg as follows: ip.TESTGROUP = 134.x.y.z - I restarted tomcat Now I would expect, coming from 134.x.y.z, to be authorized automatically to publish in TESTCOLLECTION. But I am not allowed to do that - I do not see a publish-here-button in TESTCOLLECTION. So I guess there is still something wrong either with my configuration or in general. Any ideas how to debug that? Best regards Oliver Am 04.07.2014 09:31, schrieb Oliver Goldschmidt: James, thank you for your reply. In dspace.log I can see that DSpace gets the correct IP address, but it does not work. I can see my IP address in dspace.log: 2014-07-04 09:27:14,809 INFO org.dspace.browse.BrowseEngine @ anonymous:session_id=40D2B0A5B4C97XX:ip_addr=134.x.y.z:browse_mini: So I guess DSpace has the correct IP address, but IP authentication is still not working. I will try, if groups different to the Administrator group are working to check if that is the problem. Best regards Oliver Am 04.07.2014 00:03, schrieb James Creel: I’ve never tried putting folks in the Administrator group with this feature, but I don’t see why it would act differently, in which case you seem to be configuring it correctly. In the past, I have had problems when DSpace saw an IP address that was not what I thought it was. You can ascertain what IP address DSpace is seeing by looking in the control panel - current activity or by looking at the dspace log. If you are behind a load balancer, etc, you also might try setting useProxies = true in the dspace.cfg and make sure your sysadmin is forwarding the original IPs. James Creel Senior Lead Software Applications Developer Texas AM University
Re: [Dspace-tech] CC licenses in submissions
I'm using 4.1 with xmlui-manakin. So is there a native way to choose between these 6 CC licenses? CC BY, CC BY-SA, CC BY-ND, CC BY-NC, CC BY-NC-SA and CC BY-NC-ND Thanks El 03/07/2014 16:43, Adan Roman escribió: Hi What version of DSpace are you using? I think that the standard classes CCLicenseStep.java have the functionality you are looking for. regards Hi We want to implement in each item we upload a submission step where you can choose a Creative Common License between the 6 CC attribution kind (CC BY, CC BY-SA, CC BY-ND, CC BY-NC, CC BY-NC-SA, CC BY-NC-ND) as you can see here: http://creativecommons.org/licenses/ [4] In this step when the submitter choose one of these 6 licenses it will be written in dc.rights metadata field. I've seen that DSpace offers several CC Licenses but I don't see anything about these 6 kinds. I'm thinking on creating a new java class for a new step in item-submission.xml but is quite difficult as I've seen. Any suggestion or any help? Thank you, best regards. -- Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft [1] ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech [2] List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette [3] -- - [5] Este mensaje no contiene virus ni malware porque la protección de avast! Antivirus [5] está activa. -- Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft [1] ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech [2] List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette [3] Links: -- [1] http://p.sf.net/sfu/Bonitasoft [2] https://lists.sourceforge.net/lists/listinfo/dspace-tech [3] https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette [4] http://creativecommons.org/licenses/ [5] http://www.avast.com/ -- Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
[Dspace-tech] Replication Task Suite problem
I'm trying to add the Replication Task Suite to Dspace 4.1 (Mirage) but I get the following error: [INFO] BUILD FAILURE [INFO] [INFO] Total time: 48.651 s [INFO] Finished at: 2014-07-08T06:54:54-05:00 [INFO] Final Memory: 50M/302M [INFO] [ERROR] Failed to execute goal on project additions: Could not resolve dependencies for project org.dspace.modules:additions:jar:4.1: Failed to collect dependencies at org.dspace:dspace-replicate:jar:3.2 - org.duracloud:storeclient:jar:2.3.1: Failed to read artifact descriptor for org.duracloud:storeclient:jar:2.3.1: Could not transfer artifact org.duracloud:storeclient:pom:2.3.1 from/to duracloud-releases (https://m2.duraspace.org/content/repositories/releases): sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target - [Help 1] org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal on project additions: Could not resolve dependencies for project org.dspace.modules:additions:jar:4.1: Failed to collect dependencies at org.dspace:dspace-replicate:jar:3.2 - org.duracloud:storeclient:jar:2.3.1 at org.apache.maven.lifecycle.internal.LifecycleDependencyResolver.getDependencies(LifecycleDependencyResolver.java:220) at org.apache.maven.lifecycle.internal.LifecycleDependencyResolver.resolveProjectDependencies(LifecycleDependencyResolver.java:127) at org.apache.maven.lifecycle.internal.MojoExecutor.ensureDependenciesAreResolved(MojoExecutor.java:257) at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:200) at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:153) at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:145) at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:116) at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:80) at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build(SingleThreadedBuilder.java:51) at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:120) at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:347) at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:154) at org.apache.maven.cli.MavenCli.execute(MavenCli.java:584) at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:213) at org.apache.maven.cli.MavenCli.main(MavenCli.java:157) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:289) at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:229) at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:415) at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:356) Caused by: org.apache.maven.project.DependencyResolutionException: Could not resolve dependencies for project org.dspace.modules:additions:jar:4.1: Failed to collect dependencies at org.dspace:dspace-replicate:jar:3.2 - org.duracloud:storeclient:jar:2.3.1 at org.apache.maven.project.DefaultProjectDependenciesResolver.resolve(DefaultProjectDependenciesResolver.java:167) at org.apache.maven.lifecycle.internal.LifecycleDependencyResolver.getDependencies(LifecycleDependencyResolver.java:195) ... 22 more Caused by: org.eclipse.aether.collection.DependencyCollectionException: Failed to collect dependencies at org.dspace:dspace-replicate:jar:3.2 - org.duracloud:storeclient:jar:2.3.1 at org.eclipse.aether.internal.impl.DefaultDependencyCollector.collectDependencies(DefaultDependencyCollector.java:292) at org.eclipse.aether.internal.impl.DefaultRepositorySystem.collectDependencies(DefaultRepositorySystem.java:317) at org.apache.maven.project.DefaultProjectDependenciesResolver.resolve(DefaultProjectDependenciesResolver.java:159) ... 23 more Caused by: org.eclipse.aether.resolution.ArtifactDescriptorException: Failed to read artifact descriptor for org.duracloud:storeclient:jar:2.3.1 at org.apache.maven.repository.internal.DefaultArtifactDescriptorReader.loadPom(DefaultArtifactDescriptorReader.java:349) at org.apache.maven.repository.internal.DefaultArtifactDescriptorReader.readArtifactDescriptor(DefaultArtifactDescriptorReader.java:231) at
[Dspace-tech] Resource not found: display-filters
Hello, I maintain a DSpace 3.2 server running over Redhat 6.0. Upon testing the server for several functions, I discovered that the advanced search is not working. When I click, add filters button, I get a cocoon exception that the display-filters page is not found. Upon inspection, I found that display-filters is actually a javascript function. And if I gave the query arguments by hand in the url it will work. Is there a way to overcome this problem? P.S. I also maintain another server running over Ubuntu Server 12.04 and it does not suffer from this problem. Thank you All! -- View this message in context: http://dspace.2283337.n4.nabble.com/Resource-not-found-display-filters-tp4673971.html Sent from the DSpace - Tech mailing list archive at Nabble.com. -- Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
[Dspace-tech] Permissions and recent submissions with 4.1 xmlui
I have restricted a collection to logged in users, but recent submissions still shows these at the collection level, and people can download without logging in. Is this a bug or works as intended? or more likely doesn't know what he is doing and has something setup wrong David Schuster Texas Woman's University Director of Library Information Technology Technical Support Phone: 940-898-3909 dschus...@twu.edumailto:dschus...@twu.edu [Description: emailsignature] -- Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] IP Authentication
Hi all, I just wanted to open a ticket concerning that, but it seems that I have done something wrong in last weeks tests. I now can confirm, that assignment of ADMIN rights via IP authentication in fact works. Perhaps I had some different rules in ip-authentication.cfg, which overlapped each other and caused the trouble. Now I removed all of the rules and the only one left is the Admin role. And - surprise - now it works. But in this context I have found another problem, which also has been described a couple of years ago in DS-61 (https://jira.duraspace.org/browse/DS-61): the role assignment only works after login (as Tim also supposed in his reply). Perhaps that ticket needs to be reopened? I am using DSpace 4.1. Thank you and best regards Oliver Am 08.07.2014 10:12, schrieb Oliver Goldschmidt: Hi Tim, thank you for that information, this explains perfectly, why I'm having trouble trying to write to a collection using IP authentication. I have tried what you described (being assigned to the administrator group for one IP address after logging in, independently from the specific user rights) - but unfortunately that does not work either. That scenario would fit my needs (of course it would be more comfortable by IP authentication, but I understand that is a possible security hole). So I guess its really impossible to assign the Admin role to someone, whose login data is not assigned to the Admin group. I'll try solving that problem by investigating the LDAP-authentication a little bit more - all our users are authenticated via LDAP, if its possible to assign ADMIN rights to some LDAP authenticated members, it would be sufficient. Otherwise I'll describe my use case more detailed in your ticketing system. Thanks again for that information! Best - Oliver Am 07.07.2014 17:03, schrieb Tim Donohue: Hi Oliver, I suspect there may be an assumption in the IP Authentication plugin that you are using it for READ access rather than full ADMIN access. The reality here is that the IP Authentication plugin was built primarily for one use case -- to allow unauthenticated users *READ* access to restricted content, based on an IP range. For example, if you use DSpace in a Library, you could provide users at a Library computer full-access to materials, while requiring authentication at a non-Library computer. We never really anticipated using IP Authentication for non-READ access rights, as it could be considered a security hole. For example, if someone gained access to your computer (which has ADMIN rights via IP) or that IP was accidentally allocated to a different computer, then someone else could suddenly have the ability to delete all the content in your DSpace. So, ADMIN rights are much more tightly controlled and require some form of password. That being said, I suspect the following *MAY* work: (1) Setup IP Authentication on the ADMIN Group for a specific IP, e.g. 127.0.0.1 (2) Have each of your Admins create an Account with DSpace. But, do NOT add them to the Administrator group. (3) Have them LOGIN (with their acct password) from the IP address in #1 (e.g. 127.0.0.1). They should be automatically a member of the Administrator group, as they are logged in from the IP address in question. If this doesn't quite meet your needs, or work how you'd like it to, then I'd recommend creating a new Feature Request ticket which describes the use case(s) you need to meet. That way we can review how IP Authentication currently works, and decide whether we can enhance it to meet your use cases. Here's a link to our ticketing system: https://jira.duraspace.org/browse/DS/ Also feel free to ask any followup questions here, if I've misunderstood! - Tim On 7/4/2014 3:16 AM, Oliver Goldschmidt wrote: Hi, I have tested if IP auth is working for groups different to Administrator group. I think it doesn't. That was my test scenario: - I have created TESTGROUP without any members - I have created a collection TESTCOLLECTION, in which only TESTGROUP can publish - I have configured authentication-ip.cfg as follows: ip.TESTGROUP = 134.x.y.z - I restarted tomcat Now I would expect, coming from 134.x.y.z, to be authorized automatically to publish in TESTCOLLECTION. But I am not allowed to do that - I do not see a publish-here-button in TESTCOLLECTION. So I guess there is still something wrong either with my configuration or in general. Any ideas how to debug that? Best regards Oliver Am 04.07.2014 09:31, schrieb Oliver Goldschmidt: James, thank you for your reply. In dspace.log I can see that DSpace gets the correct IP address, but it does not work. I can see my IP address in dspace.log: 2014-07-04 09:27:14,809 INFO org.dspace.browse.BrowseEngine @ anonymous:session_id=40D2B0A5B4C97XX:ip_addr=134.x.y.z:browse_mini: So I guess DSpace has the correct IP address, but IP authentication is still not working. I will try,
[Dspace-tech] Embargo questions - DSpace 4.0 JSPUI
Hello, As per the subject line: - Is the lift date of an embargoed item displayed anywhere (either publicly or as admin)? - Is there a tool available to modify the lift date, say, to extend an embargo by 3 months? - What's the relationship (if any) between the Private Item flag and the Visible/Embargo (from the AccessStep)? - Do the AccessStep and UploadWithEmbargoStep steps need to be enabled together, or can you combine AccessStep with UploadStep to only allow item-level embargoes? Thanks, Anthony Anthony Petryk Emerging Technologies Librarian | Bibliothécaire des technologies émergentes uOttawa Library | Bibliothèque uOttawa 613-562-5800 x4650 apet...@uottawa.camailto:apet...@uottawa.ca -- Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
[Dspace-tech] Conditional displaying of meta information when submitting content
Folks, I trust all is well. We are implementing Dspace 4.1 and we would like to display different meta field for different content types. For example, Comprehension Level if the content type is a Book. Is there a way to add constitutionality to the inputs-form.xml; or do I need to do it elsewhere. Thanks in advance for any assistance. Andy -- Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
[Dspace-tech] Shibboleth woes
Hi everyone, I've been having some problems getting Shibboleth and Dspace to play nice together, and I'm hoping that someone can help me see where I'm going wrong. Our current setup is Dspace 4.1 served by Tomcat 7 (on port 8080) with authentication handled through Shibboleth 2.5.2 via Apache httpd 2.4.6 (on port 80). The problem: After authenticating through Shibboleth, users are being redirected directly to Tomcat, bypassing httpd. This generates an Authentication Failed message since Tomcat isn't involved with the Shibboleth authentication, only httpd is. Background: Everything was set up based on the Shibboleth Authentication section of the Duraspace wiki, with one additional change. In the shibboleth2.xml config file, I set a manual handlerURL inside the Sessions tag. That URL ensures that requests for /Shibboleth.sso go to httpd instead of Tomcat. I found that if I didn't set it explicitly, I'd get a No peer endpoint available Shibboleth error instead of being redirected to our institution's Single Sign On page. I don't have a lot of experience with Apache or Shibboleth, so I'm hoping that a more seasoned veteran can steer me in the right direction. I wasn't sure what information would be pertinent, so I can certainly provide more if needed. Thanks in advance! Bryson Duda Systems Support Specialist Information Systems and Technical Services University of Lethbridge Library Phone: 403-332-4462 -- Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette