[Archivesspace_Users_Group] New Single Sign On Plugin released
Chris Fitzpatrick
Chris.Fitzpatrick at lyrasis.org
Tue Sep 29 11:40:05 EDT 2015
Hey Joshua,
This is so excellent.
I'm just curious if there are other SSO stragegies people would like to see? Google Apps for Education? Shibboleth? MySpace?
Here's a list of what could be added to omniauth:
https://github.com/intridea/omniauth/wiki/List-of-Strategies
b,chris.
Chris Fitzpatrick | Developer, ArchivesSpace
Skype: chrisfitzpat | Phone: 918.236.6048
http://archivesspace.org/
________________________________
From: archivesspace_users_group-bounces at lyralists.lyrasis.org <archivesspace_users_group-bounces at lyralists.lyrasis.org> on behalf of Joshua D. Shaw <Joshua.D.Shaw at dartmouth.edu>
Sent: Friday, September 25, 2015 10:27 PM
To: Archivesspace Users Group
Subject: [Archivesspace_Users_Group] New Single Sign On Plugin released
Just a heads up to the community that we (Dartmouth) have developed and released a plugin that implements an alternative login method for institutions that use a single sign on system. Credit goes to Eric Bivona, one of our senior programmers. Plugin can be found here: https://github.com/dartmouth-dltg/aspace-omniauth-cas
[https://avatars1.githubusercontent.com/u/11048460?v=3&s=400]<https://github.com/dartmouth-dltg/aspace-omniauth-cas>
dartmouth-dltg/aspace-omniauth-cas · GitHub
aspace-omniauth-cas - An ArchivesSpace plugin to provide OmniAuth/CAS single-sign-on authentication.
Read more...<https://github.com/dartmouth-dltg/aspace-omniauth-cas>
We've used the omniAuth gem as the base authentication bundle. Though omniAuth supports a wide variety of authentication methods, at present, the plugin is only implemented for CAS authentication.
The README file explains the working and configuration of the plugin in greater depth, but this plugin replaces the standard login window with a redirect to an authentication server which first authenticates the user to the frontend. The authentication token is passed from the frontend to the backend which then verifies that authentication payload with the CAS server. Once this is confirmed, the user is logged in. The user's personal information is also updated to reflect the authoritative version held by the CAS server.
Feel free to email with questions!
Joshua
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lyralists.lyrasis.org/pipermail/archivesspace_users_group/attachments/20150929/e0107393/attachment.html>
More information about the Archivesspace_Users_Group
mailing list