[EP-tech] Re: Windows ACS single sign-on
tdb2 at ecs.soton.ac.uk
Mon Apr 16 16:09:21 BST 2012
On Tue, 2012-04-03 at 10:32 +0000, Carl Franks wrote:
> I'm currently running eprints 3.2.8 with edshare 3.2 on Ubuntu 10.04LTS
> I'd like to integrate with our Windows Azure-based single sign-on system.
> Can anyone recommend which eprints files I'll need to look at to
> customize the login?
> I'll need to retain the current login form, to allow admin logins - but
> I'd like to hide it with JS, and have a discrete link that will unhide
> it. For ACS logins, I'll need to display a button that will simply
> redirect the user to our ACS (access control service) server.
> The ACS logs the user in if they're not already logged in, and needs to
> redirect the user back to the eprints server, passing a session ID,
> which I'll need to verify, and then tell eprints what their username
> is, and that they should be logged in.
> So, to clarify: eprints will store user accounts for all users, but
> won't handle password authentication, except for the admin account.
> Any pointers on how to approach this would be welcome, as I'm still
> just learning my way around the eprints code.
> For the ACS-specific code, I plan on basing it on Microsoft's ACS
> plugin for wordpress, which looks like it'll be fairly straightforward
> to convert to perl.
I'm not familiar with ACS but there's a few approaches to customising
authentication in EPrints (and more in 3.3.x).
If you're getting a username & password within EPrints you can change
the authentication in cfg.d/user_login.pl.
To login via another page (single-sign-on) you will want to add a
Or you could override /cgi/login by creating a a file at
All the best,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 490 bytes
Desc: This is a digitally signed message part
Url : http://mailman.ecs.soton.ac.uk/pipermail/eprints-tech/attachments/20120416/17cc924d/attachment.bin
More information about the Eprints-tech