Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
en:admin:users_administration:users_authentication [2017/09/12 13:42]
127.0.0.1 external edit
en:admin:users_administration:users_authentication [2017/09/12 13:41] (current)
Line 1: Line 1:
-=== User authentication ===+==== User authentication ===
 +This operation allows the platform administrator to designate alternative ways of user accont authentication. More specifically,​ the available alternatives are through: 
 + 
 +    the Open eClass platform, (default) 
 +    an LDAP Directory Service 
 +    an IMAP Server 
 +    a POP3 Server 
 +    an External MySQL Database 
 +    a Shibboleth Server 
 +    a CAS Server 
 + 
 +Fig 7a - Activation – Adjustment of users’ configuration modes 
 + 
 +By default user’s account is created on the Open eClass platform database, while other user account authentication services (e.g. LDAP, IMAP, POP3, external DATABASE, Shibboleth, CAS) may also undertake the user account authentication. When a student or a teacher is about to register to the platform, they will view all the activated ways of user account authentication. 
 + 
 +The steps in activating an alternative authentication method are the following:​ 
 + 
 +    You select the method you want to activate 
 +    You insert the authentication settings (server name and login account) 
 +    then click on “Activation” from the initial list for the method chosen 
 + 
 +For authentication via CAS you must know some settings like CAS server url, port number, url of login page, url of logout page (if exists), certificates file (if exists) and some attributes required for accessing eClass like user email ,user first name and user surname. Note that none of them are required 
 + 
 +Also for shibboleth authentication you will be asked for shibboleth variable names e.g. $_SERVER[“mail”],​ $_SERVER[“uid” and $_SERVER[“givenName”]. These variables names are mapped to attributes email, username and canonical name. If shibboleth canonical name includes user first name and user surname then you must define a separator character between first name and surname. All of these will be written to file (path of eClass)/​secure/​index.php 
 + 
 +So, if you don’t know some of them, you can modify the above file later.