Re: [Dspace-tech] Shibboleth login on DSpace 4.2
Thanks, Tim: I will let you know if I end up solving things on my end. -Original Message- From: Tim Donohue [mailto:tdono...@duraspace.org] Sent: Friday, February 27, 2015 11:00 AM To: George Stanley Kozak; dspace-tech@lists.sourceforge.net Subject: Re: [Dspace-tech] Shibboleth login on DSpace 4.2 George, One last tip/hint. I just recalled I had a Sample config for testshib.org testing sitting around. This is untested for some time, but I think it *should* work, and maybe it'll lead you in the right direction. I stuck it in a Gist (off GitHub) just cause it's easier to read there: https://gist.github.com/tdonohue/423f173bfcc2baec76ce If this ends up being helpful let me know...we can always add something similar to the official docs. - Tim On 2/27/2015 9:35 AM, Tim Donohue wrote: Hi George, While I don't know the exact answer you need (as Shibboleth admittedly can be complex and unique to how you have things setup), you may wish to review some of the hints/tips in the DSpace Shibboleth Plugin docs: https://wiki.duraspace.org/display/DSDOC5x/Authentication+Plugins#Auth enticationPlugins-ShibbolethAuthentication Specifically, if your local IdP is not working properly, you could do some initial testing against https://www.testshib.org/ (which provides a sample/demo IdP) just to try and get the basics working. The problem could be in your shibboleth2.xml, or it's even possible you have something misconfigured in your mod_shib settings (which we do have a sample for in our docs) or authentication-shibboleth.cfg. So, it's possible that trying to do testing against https://www.testshib.org/ may help you narrow down the problem area. Just an idea, if you are stumped. If you *do* discover a mistake in our docs, or a clarification we should be making, definitely let us know as we'd love to enhance the docs further for others. - Tim On 2/27/2015 9:08 AM, George Stanley Kozak wrote: Tim: Not a problem. I'm still struggling getting Shibboleth to work, but if I figure it out, I will let everyone know what I found out (it's probably just a simple configuration problem). -Original Message- From: Tim Donohue [mailto:tdono...@duraspace.org] Sent: Thursday, February 26, 2015 4:43 PM To: dspace-tech@lists.sourceforge.net Subject: Re: [Dspace-tech] Shibboleth login on DSpace 4.2 Hi George, Apologies, I just responded to the wrong thread. :) This was meant for someone else, as you are obviously using Shibboleth authentication. - Tim On 2/26/2015 3:39 PM, Tim Donohue wrote: Hi George, Sorry for the delayed response. This issue sounds very similar to this bug: https://jira.duraspace.org/browse/DS-2421 Simply put, I'm fairly certain the LDAPAuthentication plugin is not working correctly *unless* you configure either: search.anonymous=true OR specify both: search.user and search.password These are all in the authentication-ldap.cfg configuration file. I'm still searching out a volunteer to help resolve this bug in the code. Unfortunately, I don't have an LDAP locally that I can easily test against. - Tim On 2/23/2015 1:47 PM, George Stanley Kozak wrote: Hi... I'm trying to implement the Shibboleth Login as an option on my DSpace V. 4.2 XMLUI system. I am getting the proper login screen, but after logging in, I get Authentication Failed In the DSPace logs, I see: ERROR org.dspace.authenticate.ShibAuthentication @ Shibboleth authentication was not able to find a NetId, Email, or Tomcat Remote user for which to indentify a user from. ERROR org.dspace.authenticate.ShibAuthentication @ Unable to register new eperson because we are unable to find an email address along with first and last name for the user. NetId Header: 'SHIB-NETID'='null' (Optional) Email Header: 'SHIB-MAIL'='null' First Name Header: 'SHIB-GIVENNAME'='null' Last Name Header: 'SHIB-SURNAME'='null' I'm trying to debug that now. I am wondering if I have the entityID and homeURL set correctly in my shibboleth2.xml file. What is the recommended settings for these values if one is using a DSpace installation? Thank you in advance for any help or suggestions. George Kozak Digital Library Specialist Cornell University Library Information Technologies (CUL-IT) 218 Olin Library Cornell University Ithaca, NY 14853 607-255-8924 --- -- - Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=190641631iu=/4140/os tg .clktrk ___ DSpace-tech mailing list DSpace-tech
Re: [Dspace-tech] Shibboleth login on DSpace 4.2
Hi George, While I don't know the exact answer you need (as Shibboleth admittedly can be complex and unique to how you have things setup), you may wish to review some of the hints/tips in the DSpace Shibboleth Plugin docs: https://wiki.duraspace.org/display/DSDOC5x/Authentication+Plugins#AuthenticationPlugins-ShibbolethAuthentication Specifically, if your local IdP is not working properly, you could do some initial testing against https://www.testshib.org/ (which provides a sample/demo IdP) just to try and get the basics working. The problem could be in your shibboleth2.xml, or it's even possible you have something misconfigured in your mod_shib settings (which we do have a sample for in our docs) or authentication-shibboleth.cfg. So, it's possible that trying to do testing against https://www.testshib.org/ may help you narrow down the problem area. Just an idea, if you are stumped. If you *do* discover a mistake in our docs, or a clarification we should be making, definitely let us know as we'd love to enhance the docs further for others. - Tim On 2/27/2015 9:08 AM, George Stanley Kozak wrote: Tim: Not a problem. I'm still struggling getting Shibboleth to work, but if I figure it out, I will let everyone know what I found out (it's probably just a simple configuration problem). -Original Message- From: Tim Donohue [mailto:tdono...@duraspace.org] Sent: Thursday, February 26, 2015 4:43 PM To: dspace-tech@lists.sourceforge.net Subject: Re: [Dspace-tech] Shibboleth login on DSpace 4.2 Hi George, Apologies, I just responded to the wrong thread. :) This was meant for someone else, as you are obviously using Shibboleth authentication. - Tim On 2/26/2015 3:39 PM, Tim Donohue wrote: Hi George, Sorry for the delayed response. This issue sounds very similar to this bug: https://jira.duraspace.org/browse/DS-2421 Simply put, I'm fairly certain the LDAPAuthentication plugin is not working correctly *unless* you configure either: search.anonymous=true OR specify both: search.user and search.password These are all in the authentication-ldap.cfg configuration file. I'm still searching out a volunteer to help resolve this bug in the code. Unfortunately, I don't have an LDAP locally that I can easily test against. - Tim On 2/23/2015 1:47 PM, George Stanley Kozak wrote: Hi... I'm trying to implement the Shibboleth Login as an option on my DSpace V. 4.2 XMLUI system. I am getting the proper login screen, but after logging in, I get Authentication Failed In the DSPace logs, I see: ERROR org.dspace.authenticate.ShibAuthentication @ Shibboleth authentication was not able to find a NetId, Email, or Tomcat Remote user for which to indentify a user from. ERROR org.dspace.authenticate.ShibAuthentication @ Unable to register new eperson because we are unable to find an email address along with first and last name for the user. NetId Header: 'SHIB-NETID'='null' (Optional) Email Header: 'SHIB-MAIL'='null' First Name Header: 'SHIB-GIVENNAME'='null' Last Name Header: 'SHIB-SURNAME'='null' I'm trying to debug that now. I am wondering if I have the entityID and homeURL set correctly in my shibboleth2.xml file. What is the recommended settings for these values if one is using a DSpace installation? Thank you in advance for any help or suggestions. George Kozak Digital Library Specialist Cornell University Library Information Technologies (CUL-IT) 218 Olin Library Cornell University Ithaca, NY 14853 607-255-8924 - - Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=190641631iu=/4140/ostg .clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Shibboleth login on DSpace 4.2
George, One last tip/hint. I just recalled I had a Sample config for testshib.org testing sitting around. This is untested for some time, but I think it *should* work, and maybe it'll lead you in the right direction. I stuck it in a Gist (off GitHub) just cause it's easier to read there: https://gist.github.com/tdonohue/423f173bfcc2baec76ce If this ends up being helpful let me know...we can always add something similar to the official docs. - Tim On 2/27/2015 9:35 AM, Tim Donohue wrote: Hi George, While I don't know the exact answer you need (as Shibboleth admittedly can be complex and unique to how you have things setup), you may wish to review some of the hints/tips in the DSpace Shibboleth Plugin docs: https://wiki.duraspace.org/display/DSDOC5x/Authentication+Plugins#AuthenticationPlugins-ShibbolethAuthentication Specifically, if your local IdP is not working properly, you could do some initial testing against https://www.testshib.org/ (which provides a sample/demo IdP) just to try and get the basics working. The problem could be in your shibboleth2.xml, or it's even possible you have something misconfigured in your mod_shib settings (which we do have a sample for in our docs) or authentication-shibboleth.cfg. So, it's possible that trying to do testing against https://www.testshib.org/ may help you narrow down the problem area. Just an idea, if you are stumped. If you *do* discover a mistake in our docs, or a clarification we should be making, definitely let us know as we'd love to enhance the docs further for others. - Tim On 2/27/2015 9:08 AM, George Stanley Kozak wrote: Tim: Not a problem. I'm still struggling getting Shibboleth to work, but if I figure it out, I will let everyone know what I found out (it's probably just a simple configuration problem). -Original Message- From: Tim Donohue [mailto:tdono...@duraspace.org] Sent: Thursday, February 26, 2015 4:43 PM To: dspace-tech@lists.sourceforge.net Subject: Re: [Dspace-tech] Shibboleth login on DSpace 4.2 Hi George, Apologies, I just responded to the wrong thread. :) This was meant for someone else, as you are obviously using Shibboleth authentication. - Tim On 2/26/2015 3:39 PM, Tim Donohue wrote: Hi George, Sorry for the delayed response. This issue sounds very similar to this bug: https://jira.duraspace.org/browse/DS-2421 Simply put, I'm fairly certain the LDAPAuthentication plugin is not working correctly *unless* you configure either: search.anonymous=true OR specify both: search.user and search.password These are all in the authentication-ldap.cfg configuration file. I'm still searching out a volunteer to help resolve this bug in the code. Unfortunately, I don't have an LDAP locally that I can easily test against. - Tim On 2/23/2015 1:47 PM, George Stanley Kozak wrote: Hi... I'm trying to implement the Shibboleth Login as an option on my DSpace V. 4.2 XMLUI system. I am getting the proper login screen, but after logging in, I get Authentication Failed In the DSPace logs, I see: ERROR org.dspace.authenticate.ShibAuthentication @ Shibboleth authentication was not able to find a NetId, Email, or Tomcat Remote user for which to indentify a user from. ERROR org.dspace.authenticate.ShibAuthentication @ Unable to register new eperson because we are unable to find an email address along with first and last name for the user. NetId Header: 'SHIB-NETID'='null' (Optional) Email Header: 'SHIB-MAIL'='null' First Name Header: 'SHIB-GIVENNAME'='null' Last Name Header: 'SHIB-SURNAME'='null' I'm trying to debug that now. I am wondering if I have the entityID and homeURL set correctly in my shibboleth2.xml file. What is the recommended settings for these values if one is using a DSpace installation? Thank you in advance for any help or suggestions. George Kozak Digital Library Specialist Cornell University Library Information Technologies (CUL-IT) 218 Olin Library Cornell University Ithaca, NY 14853 607-255-8924 - - Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=190641631iu=/4140/ostg .clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed
Re: [Dspace-tech] Shibboleth login on DSpace 4.2
Tim: Not a problem. I'm still struggling getting Shibboleth to work, but if I figure it out, I will let everyone know what I found out (it's probably just a simple configuration problem). -Original Message- From: Tim Donohue [mailto:tdono...@duraspace.org] Sent: Thursday, February 26, 2015 4:43 PM To: dspace-tech@lists.sourceforge.net Subject: Re: [Dspace-tech] Shibboleth login on DSpace 4.2 Hi George, Apologies, I just responded to the wrong thread. :) This was meant for someone else, as you are obviously using Shibboleth authentication. - Tim On 2/26/2015 3:39 PM, Tim Donohue wrote: Hi George, Sorry for the delayed response. This issue sounds very similar to this bug: https://jira.duraspace.org/browse/DS-2421 Simply put, I'm fairly certain the LDAPAuthentication plugin is not working correctly *unless* you configure either: search.anonymous=true OR specify both: search.user and search.password These are all in the authentication-ldap.cfg configuration file. I'm still searching out a volunteer to help resolve this bug in the code. Unfortunately, I don't have an LDAP locally that I can easily test against. - Tim On 2/23/2015 1:47 PM, George Stanley Kozak wrote: Hi... I'm trying to implement the Shibboleth Login as an option on my DSpace V. 4.2 XMLUI system. I am getting the proper login screen, but after logging in, I get Authentication Failed In the DSPace logs, I see: ERROR org.dspace.authenticate.ShibAuthentication @ Shibboleth authentication was not able to find a NetId, Email, or Tomcat Remote user for which to indentify a user from. ERROR org.dspace.authenticate.ShibAuthentication @ Unable to register new eperson because we are unable to find an email address along with first and last name for the user. NetId Header: 'SHIB-NETID'='null' (Optional) Email Header: 'SHIB-MAIL'='null' First Name Header: 'SHIB-GIVENNAME'='null' Last Name Header: 'SHIB-SURNAME'='null' I'm trying to debug that now. I am wondering if I have the entityID and homeURL set correctly in my shibboleth2.xml file. What is the recommended settings for these values if one is using a DSpace installation? Thank you in advance for any help or suggestions. George Kozak Digital Library Specialist Cornell University Library Information Technologies (CUL-IT) 218 Olin Library Cornell University Ithaca, NY 14853 607-255-8924 - - Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=190641631iu=/4140/ostg .clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Shibboleth login on DSpace 4.2
Tim: Thank you. The EntityID in your example was one of the things I needed. Also, I needed to find the proper value used by our site for the email-header which is defined in the authentication-shibboleth.cfg. So, I have Shibboleth working now. -Original Message- From: Tim Donohue [mailto:tdono...@duraspace.org] Sent: Friday, February 27, 2015 11:00 AM To: George Stanley Kozak; dspace-tech@lists.sourceforge.net Subject: Re: [Dspace-tech] Shibboleth login on DSpace 4.2 George, One last tip/hint. I just recalled I had a Sample config for testshib.org testing sitting around. This is untested for some time, but I think it *should* work, and maybe it'll lead you in the right direction. I stuck it in a Gist (off GitHub) just cause it's easier to read there: https://gist.github.com/tdonohue/423f173bfcc2baec76ce If this ends up being helpful let me know...we can always add something similar to the official docs. - Tim On 2/27/2015 9:35 AM, Tim Donohue wrote: Hi George, While I don't know the exact answer you need (as Shibboleth admittedly can be complex and unique to how you have things setup), you may wish to review some of the hints/tips in the DSpace Shibboleth Plugin docs: https://wiki.duraspace.org/display/DSDOC5x/Authentication+Plugins#Auth enticationPlugins-ShibbolethAuthentication Specifically, if your local IdP is not working properly, you could do some initial testing against https://www.testshib.org/ (which provides a sample/demo IdP) just to try and get the basics working. The problem could be in your shibboleth2.xml, or it's even possible you have something misconfigured in your mod_shib settings (which we do have a sample for in our docs) or authentication-shibboleth.cfg. So, it's possible that trying to do testing against https://www.testshib.org/ may help you narrow down the problem area. Just an idea, if you are stumped. If you *do* discover a mistake in our docs, or a clarification we should be making, definitely let us know as we'd love to enhance the docs further for others. - Tim On 2/27/2015 9:08 AM, George Stanley Kozak wrote: Tim: Not a problem. I'm still struggling getting Shibboleth to work, but if I figure it out, I will let everyone know what I found out (it's probably just a simple configuration problem). -Original Message- From: Tim Donohue [mailto:tdono...@duraspace.org] Sent: Thursday, February 26, 2015 4:43 PM To: dspace-tech@lists.sourceforge.net Subject: Re: [Dspace-tech] Shibboleth login on DSpace 4.2 Hi George, Apologies, I just responded to the wrong thread. :) This was meant for someone else, as you are obviously using Shibboleth authentication. - Tim On 2/26/2015 3:39 PM, Tim Donohue wrote: Hi George, Sorry for the delayed response. This issue sounds very similar to this bug: https://jira.duraspace.org/browse/DS-2421 Simply put, I'm fairly certain the LDAPAuthentication plugin is not working correctly *unless* you configure either: search.anonymous=true OR specify both: search.user and search.password These are all in the authentication-ldap.cfg configuration file. I'm still searching out a volunteer to help resolve this bug in the code. Unfortunately, I don't have an LDAP locally that I can easily test against. - Tim On 2/23/2015 1:47 PM, George Stanley Kozak wrote: Hi... I'm trying to implement the Shibboleth Login as an option on my DSpace V. 4.2 XMLUI system. I am getting the proper login screen, but after logging in, I get Authentication Failed In the DSPace logs, I see: ERROR org.dspace.authenticate.ShibAuthentication @ Shibboleth authentication was not able to find a NetId, Email, or Tomcat Remote user for which to indentify a user from. ERROR org.dspace.authenticate.ShibAuthentication @ Unable to register new eperson because we are unable to find an email address along with first and last name for the user. NetId Header: 'SHIB-NETID'='null' (Optional) Email Header: 'SHIB-MAIL'='null' First Name Header: 'SHIB-GIVENNAME'='null' Last Name Header: 'SHIB-SURNAME'='null' I'm trying to debug that now. I am wondering if I have the entityID and homeURL set correctly in my shibboleth2.xml file. What is the recommended settings for these values if one is using a DSpace installation? Thank you in advance for any help or suggestions. George Kozak Digital Library Specialist Cornell University Library Information Technologies (CUL-IT) 218 Olin Library Cornell University Ithaca, NY 14853 607-255-8924 --- -- - Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration more Get technology previously reserved for billion-dollar corporations, FREE http
Re: [Dspace-tech] Shibboleth login on DSpace 4.2
Hi George, Sorry for the delayed response. This issue sounds very similar to this bug: https://jira.duraspace.org/browse/DS-2421 Simply put, I'm fairly certain the LDAPAuthentication plugin is not working correctly *unless* you configure either: search.anonymous=true OR specify both: search.user and search.password These are all in the authentication-ldap.cfg configuration file. I'm still searching out a volunteer to help resolve this bug in the code. Unfortunately, I don't have an LDAP locally that I can easily test against. - Tim On 2/23/2015 1:47 PM, George Stanley Kozak wrote: Hi… I’m trying to implement the Shibboleth Login as an option on my DSpace V. 4.2 XMLUI system. I am getting the proper login screen, but after logging in, I get “Authentication Failed” In the DSPace logs, I see: ERROR org.dspace.authenticate.ShibAuthentication @ Shibboleth authentication was not able to find a NetId, Email, or Tomcat Remote user for which to indentify a user from. ERROR org.dspace.authenticate.ShibAuthentication @ Unable to register new eperson because we are unable to find an email address along with first and last name for the user. NetId Header: 'SHIB-NETID'='null' (Optional) Email Header: 'SHIB-MAIL'='null' First Name Header: 'SHIB-GIVENNAME'='null' Last Name Header: 'SHIB-SURNAME'='null' I’m trying to debug that now. I am wondering if I have the entityID and homeURL set correctly in my shibboleth2.xml file. What is the recommended settings for these values if one is using a DSpace installation? Thank you in advance for any help or suggestions. George Kozak Digital Library Specialist Cornell University Library Information Technologies (CUL-IT) 218 Olin Library Cornell University Ithaca, NY 14853 607-255-8924 -- Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=190641631iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Shibboleth login on DSpace 4.2
Hi George, Apologies, I just responded to the wrong thread. :) This was meant for someone else, as you are obviously using Shibboleth authentication. - Tim On 2/26/2015 3:39 PM, Tim Donohue wrote: Hi George, Sorry for the delayed response. This issue sounds very similar to this bug: https://jira.duraspace.org/browse/DS-2421 Simply put, I'm fairly certain the LDAPAuthentication plugin is not working correctly *unless* you configure either: search.anonymous=true OR specify both: search.user and search.password These are all in the authentication-ldap.cfg configuration file. I'm still searching out a volunteer to help resolve this bug in the code. Unfortunately, I don't have an LDAP locally that I can easily test against. - Tim On 2/23/2015 1:47 PM, George Stanley Kozak wrote: Hi… I’m trying to implement the Shibboleth Login as an option on my DSpace V. 4.2 XMLUI system. I am getting the proper login screen, but after logging in, I get “Authentication Failed” In the DSPace logs, I see: ERROR org.dspace.authenticate.ShibAuthentication @ Shibboleth authentication was not able to find a NetId, Email, or Tomcat Remote user for which to indentify a user from. ERROR org.dspace.authenticate.ShibAuthentication @ Unable to register new eperson because we are unable to find an email address along with first and last name for the user. NetId Header: 'SHIB-NETID'='null' (Optional) Email Header: 'SHIB-MAIL'='null' First Name Header: 'SHIB-GIVENNAME'='null' Last Name Header: 'SHIB-SURNAME'='null' I’m trying to debug that now. I am wondering if I have the entityID and homeURL set correctly in my shibboleth2.xml file. What is the recommended settings for these values if one is using a DSpace installation? Thank you in advance for any help or suggestions. George Kozak Digital Library Specialist Cornell University Library Information Technologies (CUL-IT) 218 Olin Library Cornell University Ithaca, NY 14853 607-255-8924 -- Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=190641631iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette