en:admin:users_administration:users_authentication

This operation allows the platform administrator to designate alternative ways of user accont authentication. More specifically, the available alternatives are through:

  the Open eClass platform, (default)
  an LDAP Directory Service
  an IMAP Server
  a POP3 Server
  an External MySQL Database
  a Shibboleth Server
  a CAS Server

Fig 7a - Activation – Adjustment of users’ configuration modes

By default user’s account is created on the Open eClass platform database, while other user account authentication services (e.g. LDAP, IMAP, POP3, external DATABASE, Shibboleth, CAS) may also undertake the user account authentication. When a student or a teacher is about to register to the platform, they will view all the activated ways of user account authentication.

The steps in activating an alternative authentication method are the following:

  You select the method you want to activate
  You insert the authentication settings (server name and login account)
  then click on “Activation” from the initial list for the method chosen

For authentication via CAS you must know some settings like CAS server url, port number, url of login page, url of logout page (if exists), certificates file (if exists) and some attributes required for accessing eClass like user email ,user first name and user surname. Note that none of them are required

Also for shibboleth authentication you will be asked for shibboleth variable names e.g. $_SERVER[“mail”], $_SERVER[“uid” and $_SERVER[“givenName”]. These variables names are mapped to attributes email, username and canonical name. If shibboleth canonical name includes user first name and user surname then you must define a separator character between first name and surname. All of these will be written to file (path of eClass)/secure/index.php

So, if you don’t know some of them, you can modify the above file later.

  • Last modified: 2017/09/12 13:41