[Xerte] Re: Shibbolising XOT
Bruce Jackson
bj1 at soas.ac.uk
Tue Jul 23 10:53:41 BST 2013
Hi,
I just found:
public function needsLogin ()
{
return false;
}
Marvellous. Getting there now. Thanks guys.
Cheers,
Bruce
On 23 July 2013 09:46, Smith, John <J.J.Smith at gcu.ac.uk> wrote:
> All shib.php (and the 3 functions i listed) does is return an array of
> firstname, surname and username and true if valid... You can just return
> that and do no auth whatsoever and accusers will have same details... I
> believe guest works similar to this...
>
> So what you need to do is print_r the shib session details once logged in
> (just to find out what is passed and transfer those details to the array...
>
> However if you change the cookie then shib may log you out so that may not
> work with the kind of overall Shib auth you have on all server traffic...
>
> You'll just need to try and see what happens...
>
> Regards
>
> John Smith
> Learning Technologist
> School of Health and Life Sciences
>
> Sent from Samsung Galaxy SII
>
>
>
> Bruce Jackson <bj1 at soas.ac.uk> wrote:
>
>
> Hi again,
>
> I've got a Shibboleth SP set up on the server to 'protect' the whole
> website.
> That's working OK, in that if a user goes to the site they get redirected
> to the IdP, get identified, and then control is passed back to the xerte
> server along with certain user credentials.
> At that point I want to be able to use those credentials to log the user
> in.
> I've had a go at what John suggested - creating a new 'Shib.php' script in
> the .../Library/Xerte/Authentication folder and changing auth_config.php to
> point at it. However that just puts me at the standard xerte login screen
> on return from the IdP authentication. It doesn't throw any errors and
> logs me in correctly if I fill in the details again, so I guess I've not
> made any errors in the Shib.php script. It's just not really doing what
> I'm after.
> Is there a way of achieving what I want?
>
> Cheers,
>
> Bruce
>
>
>
> On 22 July 2013 15:33, Pat @ Pgogy <xerte at pgogywebstuff.com<mailto:
> xerte at pgogywebstuff.com>> wrote:
> Integration.txt is more of a single sign on botch job
>
> What John describes makes more sense
>
> I would grab a php shibboleth library and then use a cut up ldap php to
> call out to the library
>
> Pat
>
> On 22 Jul 2013, at 11:01, "Smith, John" <J.J.Smith at gcu.ac.uk<mailto:
> J.J.Smith at gcu.ac.uk>> wrote:
>
> > Hi,
> >
> > I think for now you could duplicate the ldap auth file and rewrite:
> >
> > check()
> > _valid_login()
> > _validate_to_host()
> >
> > You'll need to hardwire some of the values as LDAP auth is hooked into
> the XOT database (we're working on changing the way this is done so that
> you should be able to store your Shib config values in XOT db more easily
> soon!ish)...
> >
> > As long as you return true and populate
> >
> > $this->_record = array('firstname' => xxxx], 'surname' => xxxx,
> 'username' => xxxx);
> >
> > then I believe that this should work... config.php will take care of the
> rest, including session_start()
> >
> > Regards,
> >
> > John Smith | Learning Technologist
> > Room A251, Govan Mbeki Building | School of Health & Life Sciences |
> Glasgow Caledonian University
> > Cowcaddens Road | Glasgow | G4 0BA
> > ________________________________________
> > From: xerte-bounces at lists.nottingham.ac.uk<mailto:
> xerte-bounces at lists.nottingham.ac.uk> [
> xerte-bounces at lists.nottingham.ac.uk<mailto:
> xerte-bounces at lists.nottingham.ac.uk>] On Behalf Of Bruce Jackson [
> bj1 at soas.ac.uk<mailto:bj1 at soas.ac.uk>]
> > Sent: 22 July 2013 10:45
> > To: Xerte discussion list
> > Subject: [Xerte] Re: Shibbolising XOT
> >
> > Hi John,
> >
> > That was the route I was initially attempting, but ended confused as to
> what I should or shouldn't have included in my 'Shib.php' script.
> > Could I hack the 'Ldap.php' script for example, just leaving in the
> public functions getUsername, getFirstname and getSurname to return the
> values passed forward from the Shibboleth IdP?
> >
> > Cheers,
> >
> > Bruce
> >
> >
> >
> > On 22 July 2013 10:20, Smith, John <J.J.Smith at gcu.ac.uk<mailto:
> J.J.Smith at gcu.ac.uk><mailto:J.J.Smith at gcu.ac.uk<mailto:J.J.Smith at gcu.ac.uk>>>
> wrote:
> > I'd advise NOT altering the core files (you will then run into upgrade
> probs in the future for one) but looking in \library\Xerte\Authentication
> and creating a new Shibboleth authentication class that is abstracted out
> and should then be able to just slot in...
> >
> > Then it should only be a case of adding a new authentication method to
> auth_config
> >
> > Regards,
> >
> > John Smith | Learning Technologist
> > Room A251, Govan Mbeki Building | School of Health & Life Sciences |
> Glasgow Caledonian University
> > Cowcaddens Road | Glasgow | G4 0BA
> > ________________________________________
> > From: xerte-bounces at lists.nottingham.ac.uk<mailto:
> xerte-bounces at lists.nottingham.ac.uk><mailto:
> xerte-bounces at lists.nottingham.ac.uk<mailto:
> xerte-bounces at lists.nottingham.ac.uk>> [
> xerte-bounces at lists.nottingham.ac.uk<mailto:
> xerte-bounces at lists.nottingham.ac.uk><mailto:
> xerte-bounces at lists.nottingham.ac.uk<mailto:
> xerte-bounces at lists.nottingham.ac.uk>>] On Behalf Of Bruce Jackson [
> bj1 at soas.ac.uk<mailto:bj1 at soas.ac.uk><mailto:bj1 at soas.ac.uk<mailto:
> bj1 at soas.ac.uk>>]
> > Sent: 22 July 2013 10:04
> > To: xerte at lists.nottingham.ac.uk<mailto:xerte at lists.nottingham.ac.uk
> ><mailto:xerte at lists.nottingham.ac.uk<mailto:xerte at lists.nottingham.ac.uk
> >>
> > Subject: [Xerte] Shibbolising XOT
> >
> > Hello,
> >
> > We're trying to get Shibboleth working as a method of authentication
> here.
> >
> > From a thread on this forum back in November 2010 (
> http://lists.nottingham.ac.uk/pipermail/xerte/2010-November/007360.html),
> and from reading the comments in the integration.txt file, it appears it
> should be a fairly simple case of editing integration.txt to set the three
> variables ($_SESSION['toolkits_firstname'], $_SESSION['toolkits_surname']
> and $_SESSION['toolkits_logon_username']) to values obtained from the
> Shibboleth IdP, adding a call "session_start()" at the beginning of the
> script, and then renaming integration.txt to be index.php.
> >
> > When I do that and try to log in, the page I get back appears to have a
> chunk of html missing at the start - see below.
> > Should I be copying parts of the standard index.php script into the
> integration.txt version?
> >
> > Returned html:
> >
> > +++
> >
> >
> > <script type="text/javascript"> // JAVASCRIPT library for fixed variables
> > // management of javascript is set up here
> > // SITE SETTINGS
> > var site_url = "http://lamp1.lis.soas.ac.uk/xerte/";
> > var site_apache = "false";
> > var properties_ajax_php_path = "website_code/php/properties/";
> > var management_ajax_php_path = "website_code/php/management/";
> > var ajax_php_path = "website_code/php/";
> > <div class="folder" id="folder_workspace"
> ondblclick="folder_open_close(this)"
> onclick="highlight_main_toggle(this)"><p><img style="vertical-align:middle"
> src="
> http://lamp1.lis.soas.ac.uk/xerte//website_code/images/folder_workspace.gif"
> />Workspace</p></div><div id="folderchild_workspace" class="workspace"><div
> id="file_5" class="file" preview_size="800,665" editor_size="800,665"
> style="padding-left:20px"
> onmousedown="single_click(this);file_folder_click_pause(event)"
> onmouseup="file_drag_stop(event,this)"><img src="
> http://lamp1.lis.soas.ac.uk/xerte//website_code/images/Icon_Page.gif"
> style="vertical-align:middle" />BJProj</div><div id="file_6" class="file"
> preview_size="800,665" editor_size="800,665" style="padding-left:20px"
> onmousedown="single_click(this);file_folder_click_pause(event)"
> onmouseup="file_drag_stop(event,this)"><img src="
> http://lamp1.lis.soas.ac.uk/xerte//website_code/images/Icon_Page.gif"
> style="vertical-align:middle" />BJProj</div></div><div class="folder"
> id="recyclebin" ondblclick="folder_open_close(this)"
> onclick="highlight_main_toggle(this)"><p><img id="folder_recyclebin"
> style="vertical-align:middle" src="
> http://lamp1.lis.soas.ac.uk/xerte//website_code/images/rb_empty.gif"
> />Recycle Bin</p></div><div id="folderchild_recyclebin"
> class="folder_content"></div><div class="template"
> onmouseover="this.style.backgroundColor='#ebedf3'"
> onmouseout="this.style.backgroundColor='#fff'"><div
> class="template_icon"></div><div class="template_desc"><p
> class="template_name">Bootstrap Template</p><p class="template_desc_p">A
> responsive template for delivering content to all devices.<br><button
> type="button" class="xerte_button"
> onclick="javascript:template_toggle('site')">Create</button></div><div
> id="site" class="rename"><span>Enter a name for this project</span><form
> action="javascript:create_tutorial('site')" method="post"
> enctype="text/plain"><input type="text" width="200" id="filename"
> name="filename" /><br /><button type="submit" class="xerte_button" >Create
> Project</button></form></div></div><div class="template"
> onmouseover="this.style.backgroundColor='#ebedf3'"
> onmouseout="this.style.backgroundColor='#fff'"><div
> class="template_icon"></div><div class="template_desc"><p
> class="template_name">Xerte Online Toolkit</p><p class="template_desc_p">A
> flexible template for creating interactive learning objects.<br><button
> type="button" class="xerte_button"
> onclick="javascript:template_toggle('Nottingham')">Create</button></div><div
> id="Nottingham" class="rename"><span>Enter a name for this
> project</span><form action="javascript:create_tutorial('Nottingham')"
> method="post" enctype="text/plain"><input type="text" width="200"
> id="filename" name="filename" /><br /><button type="submit"
> class="xerte_button" >Create Project</button></form></div></div><div
> class="template" onmouseover="this.style.backgroundColor='#ebedf3'"
> onmouseout="this.style.backgroundColor='#fff'"><div
> class="template_icon"></div><div class="template_desc"><p
> class="template_name">RSS Feed</p><p class="template_desc_p">Easily create
> and maintain an RSS Feed.<br><button type="button" class="xerte_button"
> onclick="javascript:template_toggle('Rss')">Create</button></div><div
> id="Rss" class="rename"><span>Enter a name for this project</span><form
> action="javascript:create_tutorial('Rss')" method="post"
> enctype="text/plain"><input type="text" width="200" id="filename"
> name="filename" /><br /><button type="submit" class="xerte_button" >Create
> Project</button></form></div></div>
> > </body>
> > </html>
> >
> >
> > +++
> >
> > Thanks in advance for any help.
> >
> > Cheers,
> >
> > Bruce
> >
> > Glasgow Caledonian University is a registered Scottish charity, number
> SC021474
> >
> > Winner: Times Higher Education’s Widening Participation Initiative of
> the Year 2009 and Herald Society’s Education Initiative of the Year 2009.
> >
> http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,6219,en.html
> >
> > Winner: Times Higher Education’s Outstanding Support for Early Career
> Researchers of the Year 2010, GCU as a lead with Universities Scotland
> partners.
> >
> http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,15691,en.html
> > _______________________________________________
> > Xerte mailing list
> > Xerte at lists.nottingham.ac.uk<mailto:Xerte at lists.nottingham.ac.uk
> ><mailto:Xerte at lists.nottingham.ac.uk<mailto:Xerte at lists.nottingham.ac.uk
> >>
> > http://lists.nottingham.ac.uk/mailman/listinfo/xerte
> >
> > Glasgow Caledonian University is a registered Scottish charity, number
> SC021474
> >
> > Winner: Times Higher Education’s Widening Participation Initiative of
> the Year 2009 and Herald Society’s Education Initiative of the Year 2009.
> >
> http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,6219,en.html
> >
> > Winner: Times Higher Education’s Outstanding Support for Early Career
> Researchers of the Year 2010, GCU as a lead with Universities Scotland
> partners.
> >
> http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,15691,en.html
> >
> > _______________________________________________
> > Xerte mailing list
> > Xerte at lists.nottingham.ac.uk<mailto:Xerte at lists.nottingham.ac.uk>
> > http://lists.nottingham.ac.uk/mailman/listinfo/xerte
> > This message and any attachment are intended solely for the addressee
> and may contain confidential information. If you have received this message
> in error, please send it back to me, and immediately delete it. Please do
> not use, copy or disclose the information contained in this message or in
> any attachment. Any views or opinions expressed by the author of this
> email do not necessarily reflect the views of the University of Nottingham.
> >
> > This message has been checked for viruses but the contents of an
> attachment
> > may still contain software viruses which could damage your computer
> system, you are advised to perform your own checks. Email communications
> with the University of Nottingham may be monitored as permitted by UK
> legislation.
> >
> >
> >
> >
>
> _______________________________________________
> Xerte mailing list
> Xerte at lists.nottingham.ac.uk<mailto:Xerte at lists.nottingham.ac.uk>
> http://lists.nottingham.ac.uk/mailman/listinfo/xerte
>
>
> Glasgow Caledonian University is a registered Scottish charity, number
> SC021474
>
> Winner: Times Higher Education’s Widening Participation Initiative of the
> Year 2009 and Herald Society’s Education Initiative of the Year 2009.
>
> http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,6219,en.html
>
> Winner: Times Higher Education’s Outstanding Support for Early Career
> Researchers of the Year 2010, GCU as a lead with Universities Scotland
> partners.
>
> http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,15691,en.html
> _______________________________________________
> Xerte mailing list
> Xerte at lists.nottingham.ac.uk
> http://lists.nottingham.ac.uk/mailman/listinfo/xerte
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nottingham.ac.uk/pipermail/xerte/attachments/20130723/118a9581/attachment-0001.html>
More information about the Xerte
mailing list