Dear all,
My institution uses a Shibboleth 2 IDP (with LDAP authentication that
follows the eduPerson schema) and I'm looking for a way to /quickly/
implement Shibboleth authentication in a new Invenio (v1.x) installation.
For the moment, I have:
* Installed Invenio v1.x (from master) and created the demo site :)
* Installed (but not yet configured) the latest SP from the official
Shibboleth repo, on the Invenio site
* Configured the access_control_config file to ensure
CFG_EXTERNAL_AUTH_USING_SSO is set (in a similar way to what CERN does)
* Rerun the inveniocfg --create-apache-conf to create the additional
apache directives needed for Shibboleth
So far, everything does _not_ work, as expected...
https://CFG_SITE_URL/youraccount/login|Shibboleth.sso/ correctly returns
a "No MetadataProvider" exception, because I have not yet configured the
shibboleth2.xml, attribute-map.xml, etc files (this is the next in my
TODO list).
For sure, I will have to come back with more specific questions, once I
have a proper response from the Institutional IDP with all the required
attributes, however, in the meantime, I was wondering how difficult it
would be for a novice python programmer to implement the required
classes mentioned in webaccess-admin-guide for the shibboleth
authentication, and whether anyone who has already been through this, is
willing to share the knowledge and experiences behind the process.
Kind regards,
Theodoros Theodoropoulos
