vcl-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Josh Thompson <josh_thomp...@ncsu.edu>
Subject Re: Shibboleth user group creation and managment - Solved
Date Thu, 02 Aug 2012 12:46:38 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Al,

What did you update in shibauth/index.php?  My knowledge of Shibboleth is 
somewhat limited, but I would not have thought it needed any changes, just a 
change in how the shibboleth mappings are configured in 
/etc/shibboleth/attribute-map.xml.

Josh

On Thursday, August 02, 2012 12:37:04 PM Evelio Quiros wrote:
> Hello Josh,
> 
> Yes, that was the problem.
> I updated index.php in the shibauth directory, and mapped the affiliation
> attributes to the database.
> Now it works again. Thanks for your help.
> 
> Al Quiros
> Florida International University
> 
> On 8/1/12 4:36 PM, "Josh Thompson" <josh_thompson@ncsu.edu> wrote:
> >-----BEGIN PGP SIGNED MESSAGE-----
> >Hash: SHA1
> >
> >Al,
> >
> >There were not many changes to the code related to Shibboleth. It sounds
> >like
> >Shibboleth may not be passing the correct affiliation information for the
> >student user to the VCL web code.  You can create a file in vcl/shibauth
> >named
> >shibdata.php with the following in it to see what is getting passed to
> >the VCL
> >code by Shibboleth:
> >
> ><?php
> >print "<pre>";
> >print_r($_SERVER);
> >print "</pre>";
> >}
> >?>
> >
> >Then, open https://your.vcl.site/vcl/shibauth/shibdata.php with the
> >problematic user logged in to see if anything is set for [affiliation].
> >If
> >you do not, or the field is just an empty string, then VCL is not getting
> >the
> >data from Shibboleth.
> >
> >Josh
> >
> >On Wednesday, August 01, 2012 5:06:34 PM Evelio Quiros wrote:
> >> Hello All,
> >> 
> >> We just upgraded our 2.2.1 installation to 2.3.
> >> 
> >> Before update, students were able to login and be put into a
> >> "shib-student" group.
> >> VCL would have created the group on first login.
> >> But after the upgrade, students can still login, but the VCL did not
> >> create the shib-student group.
> >> 
> >> I added the group manually to the database as a federated group, but
> >> student logins are not being put into it.
> >> 
> >> Staff can login using Shibboleth, and they are put into the shib-staff
> >> group ok.
> >> 
> >> Did something change in the way VCL handles Shibboleth with the new
> >> version ?
> >> Did I forget to copy over a config from the old site ?
> >> 
> >> Thanks,
> >> Al Q
> >> FIU
> >
> >- --
> >- -------------------------------
> >Josh Thompson
> >VCL Developer
> >North Carolina State University
> >
> >my GPG/PGP key can be found at pgp.mit.edu
> >
> >All electronic mail messages in connection with State business which
> >are sent to or received by this account are subject to the NC Public
> >Records Law and may be disclosed to third parties.
> >-----BEGIN PGP SIGNATURE-----
> >Version: GnuPG v2.0.17 (GNU/Linux)
> >
> >iEYEARECAAYFAlAZk3AACgkQV/LQcNdtPQMoMACeL/QBd0AaMS8la8cq059ClQ5E
> >9O4AnRZDmCclzYfzJNPY7kUJVBxAkaHJ
> >=XIE6
> >-----END PGP SIGNATURE-----
- -- 
- -------------------------------
Josh Thompson
VCL Developer
North Carolina State University

my GPG/PGP key can be found at pgp.mit.edu

All electronic mail messages in connection with State business which
are sent to or received by this account are subject to the NC Public
Records Law and may be disclosed to third parties.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)

iEYEARECAAYFAlAadrIACgkQV/LQcNdtPQOFPQCbB9O1VkvOiG9UjJQCrwnxthr4
NNwAn2U8ZxLtm1Zt0+hEjExbmbPJTP1a
=EB6H
-----END PGP SIGNATURE-----


Mime
View raw message