[Xerte] Re: Shibbolising XOT

Bruce Jackson bj1 at soas.ac.uk
Tue Jul 23 09:33:28 BST 2013


Hi again,

I've got a Shibboleth SP set up on the server to 'protect' the whole
website.
That's working OK, in that if a user goes to the site they get redirected
to the IdP, get identified, and then control is passed back to the xerte
server along with certain user credentials.
At that point I want to be able to use those credentials to log the user in.
I've had a go at what John suggested - creating a new 'Shib.php' script in
the .../Library/Xerte/Authentication folder and changing auth_config.php to
point at it.  However that just puts me at the standard xerte login screen
on return from the IdP authentication.  It doesn't throw any errors and
logs me in correctly if I fill in the details again, so I guess I've not
made any errors in the Shib.php script.  It's just not really doing what
I'm after.
Is there a way of achieving what I want?

Cheers,

Bruce



On 22 July 2013 15:33, Pat @ Pgogy <xerte at pgogywebstuff.com> wrote:

> Integration.txt is more of a single sign on botch job
>
> What John describes makes more sense
>
> I would grab a php shibboleth library and then use a cut up ldap php to
> call out to the library
>
> Pat
>
> On 22 Jul 2013, at 11:01, "Smith, John" <J.J.Smith at gcu.ac.uk> wrote:
>
> > Hi,
> >
> > I think for now you could duplicate the ldap auth file and rewrite:
> >
> > check()
> > _valid_login()
> > _validate_to_host()
> >
> > You'll need to hardwire some of the values as LDAP auth is hooked into
> the XOT database (we're working on changing the way this is done so that
> you should be able to store your Shib config values in XOT db more easily
> soon!ish)...
> >
> > As long as you return true and populate
> >
> > $this->_record = array('firstname' => xxxx], 'surname' => xxxx,
> 'username' => xxxx);
> >
> > then I believe that this should work... config.php will take care of the
> rest, including session_start()
> >
> > Regards,
> >
> > John Smith | Learning Technologist
> > Room A251, Govan Mbeki Building | School of Health & Life Sciences |
> Glasgow Caledonian University
> > Cowcaddens Road | Glasgow | G4 0BA
> > ________________________________________
> > From: xerte-bounces at lists.nottingham.ac.uk [
> xerte-bounces at lists.nottingham.ac.uk] On Behalf Of Bruce Jackson [
> bj1 at soas.ac.uk]
> > Sent: 22 July 2013 10:45
> > To: Xerte discussion list
> > Subject: [Xerte] Re: Shibbolising XOT
> >
> > Hi John,
> >
> > That was the route I was initially attempting, but ended confused as to
> what I should or shouldn't have included in my 'Shib.php' script.
> > Could I hack the 'Ldap.php' script for example, just leaving in the
> public functions getUsername, getFirstname and getSurname to return the
> values passed forward from the Shibboleth IdP?
> >
> > Cheers,
> >
> > Bruce
> >
> >
> >
> > On 22 July 2013 10:20, Smith, John <J.J.Smith at gcu.ac.uk<mailto:
> J.J.Smith at gcu.ac.uk>> wrote:
> > I'd advise NOT altering the core files (you will then run into upgrade
> probs in the future for one) but looking in \library\Xerte\Authentication
> and creating a new Shibboleth authentication class that is abstracted out
> and should then be able to just slot in...
> >
> > Then it should only be a case of adding a new authentication method to
> auth_config
> >
> > Regards,
> >
> > John Smith | Learning Technologist
> > Room A251, Govan Mbeki Building | School of Health & Life Sciences |
> Glasgow Caledonian University
> > Cowcaddens Road | Glasgow | G4 0BA
> > ________________________________________
> > From: xerte-bounces at lists.nottingham.ac.uk<mailto:
> xerte-bounces at lists.nottingham.ac.uk> [
> xerte-bounces at lists.nottingham.ac.uk<mailto:
> xerte-bounces at lists.nottingham.ac.uk>] On Behalf Of Bruce Jackson [
> bj1 at soas.ac.uk<mailto:bj1 at soas.ac.uk>]
> > Sent: 22 July 2013 10:04
> > To: xerte at lists.nottingham.ac.uk<mailto:xerte at lists.nottingham.ac.uk>
> > Subject: [Xerte] Shibbolising XOT
> >
> > Hello,
> >
> > We're trying to get Shibboleth working as a method of authentication
> here.
> >
> > From a thread on this forum back in November 2010 (
> http://lists.nottingham.ac.uk/pipermail/xerte/2010-November/007360.html),
> and from reading the comments in the integration.txt file, it appears it
> should be a fairly simple case of editing integration.txt to set the three
> variables ($_SESSION['toolkits_firstname'], $_SESSION['toolkits_surname']
> and $_SESSION['toolkits_logon_username']) to values obtained from the
> Shibboleth IdP, adding a call "session_start()" at the beginning of the
> script, and then renaming integration.txt to be index.php.
> >
> > When I do that and try to log in, the page I get back appears to have a
> chunk of html missing at the start - see below.
> > Should I be copying parts of the standard index.php script into the
> integration.txt version?
> >
> > Returned html:
> >
> > +++
> >
> >
> > <script type="text/javascript"> // JAVASCRIPT library for fixed variables
> > // management of javascript is set up here
> > // SITE SETTINGS
> > var site_url = "http://lamp1.lis.soas.ac.uk/xerte/";
> > var site_apache = "false";
> > var properties_ajax_php_path = "website_code/php/properties/";
> > var management_ajax_php_path = "website_code/php/management/";
> > var ajax_php_path = "website_code/php/";
> > <div class="folder" id="folder_workspace"
> ondblclick="folder_open_close(this)"
> onclick="highlight_main_toggle(this)"><p><img style="vertical-align:middle"
> src="
> http://lamp1.lis.soas.ac.uk/xerte//website_code/images/folder_workspace.gif"
> />Workspace</p></div><div id="folderchild_workspace" class="workspace"><div
> id="file_5" class="file" preview_size="800,665" editor_size="800,665"
> style="padding-left:20px"
> onmousedown="single_click(this);file_folder_click_pause(event)"
> onmouseup="file_drag_stop(event,this)"><img src="
> http://lamp1.lis.soas.ac.uk/xerte//website_code/images/Icon_Page.gif"
> style="vertical-align:middle" />BJProj</div><div id="file_6" class="file"
> preview_size="800,665" editor_size="800,665" style="padding-left:20px"
> onmousedown="single_click(this);file_folder_click_pause(event)"
> onmouseup="file_drag_stop(event,this)"><img src="
> http://lamp1.lis.soas.ac.uk/xerte//website_code/images/Icon_Page.gif"
> style="vertical-align:middle" />BJProj</div></div><div class="folder"
> id="recyclebin" ondblclick="folder_open_close(this)"
> onclick="highlight_main_toggle(this)"><p><img id="folder_recyclebin"
> style="vertical-align:middle" src="
> http://lamp1.lis.soas.ac.uk/xerte//website_code/images/rb_empty.gif"
> />Recycle Bin</p></div><div id="folderchild_recyclebin"
> class="folder_content"></div><div class="template"
> onmouseover="this.style.backgroundColor='#ebedf3'"
> onmouseout="this.style.backgroundColor='#fff'"><div
> class="template_icon"></div><div class="template_desc"><p
> class="template_name">Bootstrap Template</p><p class="template_desc_p">A
> responsive template for delivering content to all devices.<br><button
> type="button" class="xerte_button"
> onclick="javascript:template_toggle('site')">Create</button></div><div
> id="site" class="rename"><span>Enter a name for this project</span><form
> action="javascript:create_tutorial('site')" method="post"
> enctype="text/plain"><input type="text" width="200" id="filename"
> name="filename" /><br /><button type="submit" class="xerte_button" >Create
> Project</button></form></div></div><div class="template"
> onmouseover="this.style.backgroundColor='#ebedf3'"
> onmouseout="this.style.backgroundColor='#fff'"><div
> class="template_icon"></div><div class="template_desc"><p
> class="template_name">Xerte Online Toolkit</p><p class="template_desc_p">A
> flexible template for creating interactive learning objects.<br><button
> type="button" class="xerte_button"
> onclick="javascript:template_toggle('Nottingham')">Create</button></div><div
> id="Nottingham" class="rename"><span>Enter a name for this
> project</span><form action="javascript:create_tutorial('Nottingham')"
> method="post" enctype="text/plain"><input type="text" width="200"
> id="filename" name="filename" /><br /><button type="submit"
> class="xerte_button" >Create Project</button></form></div></div><div
> class="template" onmouseover="this.style.backgroundColor='#ebedf3'"
> onmouseout="this.style.backgroundColor='#fff'"><div
> class="template_icon"></div><div class="template_desc"><p
> class="template_name">RSS Feed</p><p class="template_desc_p">Easily create
> and maintain an RSS Feed.<br><button type="button" class="xerte_button"
> onclick="javascript:template_toggle('Rss')">Create</button></div><div
> id="Rss" class="rename"><span>Enter a name for this project</span><form
> action="javascript:create_tutorial('Rss')" method="post"
> enctype="text/plain"><input type="text" width="200" id="filename"
> name="filename" /><br /><button type="submit" class="xerte_button" >Create
> Project</button></form></div></div>
> > </body>
> > </html>
> >
> >
> > +++
> >
> > Thanks in advance for any help.
> >
> > Cheers,
> >
> > Bruce
> >
> > Glasgow Caledonian University is a registered Scottish charity, number
> SC021474
> >
> > Winner: Times Higher Education’s Widening Participation Initiative of
> the Year 2009 and Herald Society’s Education Initiative of the Year 2009.
> >
> http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,6219,en.html
> >
> > Winner: Times Higher Education’s Outstanding Support for Early Career
> Researchers of the Year 2010, GCU as a lead with Universities Scotland
> partners.
> >
> http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,15691,en.html
> > _______________________________________________
> > Xerte mailing list
> > Xerte at lists.nottingham.ac.uk<mailto:Xerte at lists.nottingham.ac.uk>
> > http://lists.nottingham.ac.uk/mailman/listinfo/xerte
> >
> > Glasgow Caledonian University is a registered Scottish charity, number
> SC021474
> >
> > Winner: Times Higher Education’s Widening Participation Initiative of
> the Year 2009 and Herald Society’s Education Initiative of the Year 2009.
> >
> http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,6219,en.html
> >
> > Winner: Times Higher Education’s Outstanding Support for Early Career
> Researchers of the Year 2010, GCU as a lead with Universities Scotland
> partners.
> >
> http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,15691,en.html
> >
> > _______________________________________________
> > Xerte mailing list
> > Xerte at lists.nottingham.ac.uk
> > http://lists.nottingham.ac.uk/mailman/listinfo/xerte
> > This message and any attachment are intended solely for the addressee
> and may contain confidential information. If you have received this message
> in error, please send it back to me, and immediately delete it.   Please do
> not use, copy or disclose the information contained in this message or in
> any attachment.  Any views or opinions expressed by the author of this
> email do not necessarily reflect the views of the University of Nottingham.
> >
> > This message has been checked for viruses but the contents of an
> attachment
> > may still contain software viruses which could damage your computer
> system, you are advised to perform your own checks. Email communications
> with the University of Nottingham may be monitored as permitted by UK
> legislation.
> >
> >
> >
> >
>
> _______________________________________________
> Xerte mailing list
> Xerte at lists.nottingham.ac.uk
> http://lists.nottingham.ac.uk/mailman/listinfo/xerte
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nottingham.ac.uk/pipermail/xerte/attachments/20130723/c9913b33/attachment-0001.html>


More information about the Xerte mailing list