Hi Miguel,
I don't have many answers for you, just some more information. Mark Wood
has in fact recently proposed that we don't need to store user's data in
our DB, but we currently do that:
https://jira.duraspace.org/browse/DS-1547
> What steps would be necessary to create a one-time session for the
authenticated user without storing their credentials in the DSpace DB?
I don't think you can easily do that by simply by modifying an
authentication plugin. You can see that an authentication plugin always
calls eperson.update(), which in turn updates a row in the eperson table
(see LDAP, Shibboleth). So you'd have to change the EPerson class, too.
The alternative, as in IPAuthentication, is just to add the user to a
special group, but I don't think that would be enough for you because in
that case you cannot tell individual users apart - so you couldn't use CAS
for users who submit content.
Regards,
~~helix84
Compulsory reading: DSpace Mailing List Etiquette
https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
------------------------------------------------------------------------------
AlienVault Unified Security Management (USM) platform delivers complete
security visibility with the essential security capabilities. Easily and
efficiently configure, manage, and operate all of your security controls
from a single console and one unified framework. Download a free trial.
http://p.sf.net/sfu/alienvault_d2d
_______________________________________________
DSpace-tech mailing list
DSpace-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-tech
List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
