[shib_auth] logging in a drupal user with a shib session fromanother log in

Mon May 23 15:20:08 CEST 2011

I'm not restricting any particular piece of information. I am restricting the entire site. So as soon as someone tries to reach the site I want them to log in using Shibboleth to establish the Shibboleth session. Then they can browse the entire Drupal site and also the related Moodle courses embedded inside Drupal. But right now I just get taken to the Drupal homepage, after they log in to Shibboleth via the Shibboleth default login page. Then the user has to click login (as they normally would without Shibboleth) to log in again. And then they are connected to via the Drupal shibboleth module. I know this because I saw a Drupal error/warning message that said that the user already existed and it referenced Shibboleth.

I just want to log them into Shibboleth and have Drupal pick up the login and not require them to log in again. Is this how this module works?

-----Original Message-----
From: shib_auth-bounces at listserv.niif.hu [mailto:shib_auth-bounces at listserv.niif.hu] On Behalf Of Michael.OBrien
Sent: Saturday, May 21, 2011 2:23 AM
To: Drupal shib_auth module users
Subject: Re: [shib_auth] logging in a drupal user with a shib session fromanother log in

When you say the login button is there do you mean that you get asked to login if you try to access some content restricted to only authenticated users or do you mean the physical login button is just still shown?

Are you using lazy sessions or is shibboleth required to every node and part of your site?
What happens when you try to access a part of your site restricted to authorised users only?

-----Original Message-----
From: shib_auth-bounces at listserv.niif.hu on behalf of Kristof Bajnok
Sent: Fri 20/05/2011 22:07
To: shib_auth at listserv.niif.hu
Subject: Re: [shib_auth] logging in a drupal user with a shib session fromanother log in

On 2011. May 20. 21:12:22 Tommy Peterson wrote:
> The problem I can't seem to understand, which is probably related to
> me being very new to this module and somewhat to Drupal, is that when
> I access the drupal site configured to be controlled by Shibboleth
> after already logging in to Shibboleth, I am not logged into Drupal.
> The login button is still there. How can I make th is work? Basically,
> I have another application on the same server controlled by
> shibboleth. I log in there. But when I access the drupal site/pages,
> with the shibboleth session still active, again, I still see the
> Drupal pages' log in button and am not logged in.

Most common problem is that Shibboleth is not protecting your Drupal installation path, either because there is no 'require shibboleth' stanza for the directory or because of an http/https problem.

> Also, if I want to make things simple for myself and my installation
> and have Drupal/shib-auth look for server variables named "mail" and "name"
> instead 'HTTP_SHIB_MAIL' and   'REMOTE_USER' is it just a simple matter of
> updating the $var_store array like so in the
> drupal/modules/shib_auth/shib_auth.module file? Anything else that I
> need to do?
> 'email_variable' => 'mail',
> 'username_variable' => 'name',

No, the proper way is to use the configuration interface. Look for Administer/User management/Shibboleth settings.

Kristof

_______________________________________________
shib_auth mailing list
shib_auth at listserv.niif.hu
https://listserv.niif.hu/mailman/listinfo/shib_auth

This message contains Devin Group confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail.
 Please notify the sender immediately by e-mail if you have received this e-mail in error and delete this e-mail from your system. E-mail transmissions cannot be guaranteed secure, error-free and information could be intercepted, corrupted, lost, destroyed, arrive late, incomplete, or contain viruses. The sender therefore does not accept liability for errors or omissions in the contents of this message which may arise as result of transmission. If verification is required please request hard-copy version.