Hello Helix,
Thank you for your insight into this problem.
As you have exactly guessed, my use case is to : Get the Kerberos
authenticated user from Apache : use the Remote_user variable, with the
help of dspace and just get the respective details of that user from LDAP.
The user would then be automatically registered as an e-person with the
help of his retrieved details. Later, the administrator could modify the
authorization policies of each e-person.
Regarding receiving the users details from Apache headers, i haven't
checked that yet. But since, the Apache server that we are using is used
for many other apps too. we did not want to integrate this feature into
Apache just because of dspace.
Since dspace, has a pretty good workflow, to get details from LDAP and
auto-register that person (I had already customized that part). I just
wanted to go forward and make use of this comfortable feature instead.
Also, in near future, i would want to customize the xmlui web design,
change the workflow and the remove login and registration options with few
other features.
Since I would anyway, have to learn more about xmlui. I thought of,
starting with this auto login/register feature inside dspace.
I would try and make use of your idea, of integrating IP authentication
class for accessing LDAP and registering him as an e-person.
I hope, it authenticates the user before showing the homepage or profile
page. I would not want the user to click on login just to trigger a
registration response.
Thank you for the help helix. I would get back to you, once i try your
approach.
Regards,
Lohit
On Mon, Sep 10, 2012 at 5:59 PM, Lohit Valleru wrote:
> Hello Helix,
>
> Thank you for your insight into this problem.
>
> As you have exactly guessed, my use case is to : Get the Kerberos
> authenticated user from Apache : use the Remote_user variable, with the
> help of dspace and just get the respective details of that user from LDAP.
> The user would then be automatically registered as an e-person with the
> help of his retrieved details. Later, the administrator could modify the
> authorization policies of each e-person.
>
> Regarding receiving the users details from Apache headers, i haven't
> checked that yet. But since, the Apache server that we are using is used
> for many other apps too. we did not want to integrate this feature into
> Apache just because of dspace.
>
> Since dspace, has a pretty good workflow, to get details from LDAP and
> auto-register that person (I had already customized that part). I just
> wanted to go forward and make use of this comfortable feature instead.
>
> Also, in near future, i would want to customize the xmlui web design,
> change the workflow and the remove login and registration options with few
> other features.
>
> Since I would anyway, have to learn more about xmlui. I thought of,
> starting with this auto login/register feature inside dspace.
>
> I would try and make use of your idea, of integrating IP authentication
> class for accessing LDAP and registering him as an e-person.
>
> I hope, it authenticates the user before showing the homepage or profile
> page. I would not want the user to click on login just to trigger a
> registration response.
>
> Thank you for the help helix. I would get back to you, once i try your
> approach.
>
> Regards,
>
> Lohit
>
> On Mon, Sep 10, 2012 at 5:22 PM, helix84 wrote:
>
>> On Mon, Sep 10, 2012 at 10:13 PM, Lohit Valleru
>> wrote:
>> > Hi Helix,
>> >
>> > Thanks for the quick reply.
>> >
>> > I understand the below approach and its a good one. However , may i
>> know, if
>> > IP Authentication class is called, as soon as the Home page loads? or
>> is it
>> > called once i click the login link on the home page?
>> >
>> > I assume, IP authentication should not necessitate the need for
>> username,
>> > but i just wanted to confirm.
>> >
>> > If IP authentication is done before the Home page is loaded. I would be
>> > grateful to use the below approach.
>> >
>> > ( forgot to mention: I want to authenticate the remote_user with LDAP
>> server
>> > and was therefore looking for a way to call LDAP hierarchal
>> authentication
>> > before the home page loads)
>> >
>> > Also, though the authentication done in java class files is not xmlui or
>> > jspui specific, I realize , that the method used to call these methods
>> from
>> > client is different when it comes to XMLUI and JSPUI. JSPUI used
>> servlets
>> > and its easy to understand, what is called when, however it was not the
>> same
>> > case with XMLUI.
>> >
>> > The main use case is, i want the user to be automatically authenticated
>> > before the Dspace homepage loads.
>> >
>> > Thank you helix. I hope i understood your approach in the right manner.
>> >
>> > I would be happy to take your help.
>> >
>> > Regards,
>> >
>> > Lohit
>>
>> Please, always CC dspace-tech when replying.
>>
>>
>> Honestly, it's been a long time since I tried IPAuthentication, so I
>> don't remember.
>> I just