Versions Compared

Old Version 5

changes.mady.by.user Tim Donohue

Saved on

compared with

New Version 6

changes.mady.by.user Mark H. Wood

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Fixed "netted" -> "NetID"

...

If you are currently using Email based authentication (either 1 or 2) and want to upgrade to NetID based authentication then there is an easy path. Simply enable shibboleth to pass the NetID attribute and set the netid-header below to the correct value. When a user attempts to log in to DSpace first DSpace will look for an EPerson with the passed NetID, however when this fails DSpace will fall back to email based authentication. Then DSpace will update the user's EPerson account record to set their netted NetID so all future authentications for this user will be based upon nettedNetID. One thing to note is that DSpace will prevent an account from switching NetIDs. If an account all ready already has a NetID set and then they try and authenticate with a different NetID the authentication will fail.

...

Note
titleHaving issues getting Safari working?

In addition to the below settings, you may need to ensure your Shibboleth IdP is trusted  by the DSpace backend by adding it to your rest.cors.allowed-origins configuration. This is required for Safari web browsers to work with DSpace's Shibboleth plugin.

For example, if your IdP is https://samltest.id/, then you need to append that URL to the comma-separated list of "allowed-origins" like:

rest.cors.allowed-origins = ${dspace.ui.url}, https://samltest.id

More information on this configuration can be found in the REST API documentation.

...