Thank you guys for your help :)
I have one more question, if applicable. Should I rebuild dspace (Full
build), after applying changes to authentication-ldap.cfg file? or
restarting tomcat is enough?
Regards,
Nada Abo-Eita
On Mon, Nov 17, 2014 at 7:35 PM, Xerio Cheri <[email protected]>
wrote:
> Hi Nada,
>
> I've developed a pretty non-standard way to achieve this via a PostgreSQL
> TRIGGER statement. In that case, you have to create your group and see what
> 'id' has been given to it in the database (epersongroup
> table, eperson_group_id field). In the following example I assume it has ID
> 6, so you'd create a trigger like this:
>
> CREATE OR REPLACE FUNCTION addtoregistergroup()
> RETURNS TRIGGER AS $$
> DECLARE maxid integer;
> DECLARE real_maxid integer;
> DECLARE max_eperson integer;
> BEGIN
> PERFORM pg_sleep(1);
>
> SELECT MAX(eperson_id) INTO max_eperson FROM eperson;
> SELECT MAX(id) INTO maxid FROM epersongroup2eperson;
> SELECT SUM(maxid + 1) INTO real_maxid;
>
> INSERT INTO epersongroup2eperson(id, eperson_group_id, eperson_id)
> VALUES(real_maxid, 6, max_eperson);
>
> RETURN NULL;
> END;
> $$ LANGUAGE plpgsql;
>
> Now you just have to assign that TRIGGER to the eperson table:
>
> CREATE TRIGGER autoadd2regs
> AFTER INSERT ON eperson
> EXECUTE PROCEDURE addtoregistergroup();
>
>
> This has one big disatvantage: if you create a administrator via the
> './dspace create-administrator' command, this won't work, as there will be
> 2 insertions in the epersongroup2eperson table and they will be trying to
> insert the same key, so you'll see an exception being thrown due to
> duplicate key violation. This would mean you would need to grant the
> Administrator privileges to users via the XMLUI/JSPUI interface, in the
> 'Access control' menu.
>
> Otherwise, it has worked perfectly to me so far.
>
> HTH,
>
> Regards.
>
> 2014-11-17 14:50 GMT+00:00 helix84 <[email protected]>:
>
>> Hi Nada,
>>
>> if you're using LDAP, you may put the name of a DSpace group (create
>> this group first) into login.specialgroup [1] and all users who log in
>> via LDAP will be members of this group while they're logged in. You
>> can check this group membership in the profile of the logged in user.
>> In addition, you may put LDAP users into different DSpace groups based
>> either on their LDAP DN or value of an LDAP attribute [2].
>> All of this is documented in [3]
>>
>> If you're using Shibboleth, read more about role-based groups here [4]
>> and here [5].
>>
>> [1]
>> https://github.com/DSpace/DSpace/blob/dspace-4_x/dspace/config/modules/authentication-ldap.cfg#L109
>> [2]
>> https://github.com/DSpace/DSpace/blob/dspace-4_x/dspace/config/modules/authentication-ldap.cfg#L150
>> [3]
>> https://wiki.duraspace.org/display/DSDOC4x/Authentication+Plugins#AuthenticationPlugins-ConfiguringLDAPAuthentication
>> [4]
>> https://wiki.duraspace.org/display/DSDOC4x/Authentication+Plugins#AuthenticationPlugins-DSpaceShibbolethConfigurationOptions
>> [5]
>> https://github.com/DSpace/DSpace/blob/dspace-4_x/dspace/config/modules/authentication-shibboleth.cfg#L147
>>
>>
>> Regards,
>> ~~helix84
>>
>> Compulsory reading: DSpace Mailing List Etiquette
>> https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
>>
>>
>> ------------------------------------------------------------------------------
>> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
>> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
>> with Interactivity, Sharing, Native Excel Exports, App Integration & more
>> Get technology previously reserved for billion-dollar corporations, FREE
>>
>> http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
>> _______________________________________________
>> DSpace-tech mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/dspace-tech
>> List Etiquette:
>> https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
>>
>
>
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
DSpace-tech mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspace-tech
List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
