Hi Clive,
Try replacing the code in the getSpcialGroups method in [dspace-src]/dspace-api/src/main/java/org/dspace/authenticate/DAPHierarchicalAuthentication.java with the following:
public int[] getSpecialGroups(Context context, HttpServletRequest request)
{
try
{
if (!context.getCurrentUser().getNetid().equals(""))
{
Group staffGroup = Group.findByName(context, "all-staff");
Group studentsGroup = Group.findByName(context, "all-students");
// Does the username start with a '1'?
if ((studentsGroup != null) && (context.getCurrentUser().getNetid().startsWith("1")))
{
// Add them to the students group
return new int[] { studentsGroup.getID() };
}
else if (staffGroup != null)
{
// Add them to the staff group
return new int[] { staffGroup.getID() };
}
}
}
catch (Exception npe) {
// The user is not an LDAP user, so we don't need to worry about them
}
return new int[0];
}
Hopefully this should work. You may wish to change the group names which are set in the code to be 'all-staff' and 'all-students'.
Stuart Lewis
Digital Services Programmer
Te Tumu Herenga The University of Auckland Library
Auckland Mail Centre, Private Bag 92019, Auckland 1142, New Zealand
Ph: 64 9 373-7599 x81928
http://www.library.auckland.ac.nz/
From: clive gould [mailto:cliveg@...]
Sent: Monday, 27 April 2009 4:59 a.m.
To: dspace-tech@...
Subject: Re: [Dspace-tech] Special Groups
Hi Stuart
I'm at a loss to know where to find the getSpecialGroups method.
I've tried locate and grep recursively without success.
All student id's are numeric and begin with the number 1
All I need is a fragment of code as follows:
IF first character of EPerson name is not 1 THEN
Add EPerson to staff special group
ENDIF
I guess it would look something like this: (N.B. I'm not a java programmer!)
if (context.getCurrentUser().getEPersonl()!=='1') {
??????????
}
How and where do I go about coding this please?
Thnaks very much indeed.
Clive
On Thu, Apr 23, 2009 at 10:36 PM, Stuart Lewis <s.lewis@...> wrote:
Hi Clive,
The code you need to write will either need to go in the getSppecialGroups method, or in the authenticate method.
Ideally it would go in the former, but it depends on whether you can derive the group you need to add the user to from their EPerson details. For example if you can tell from their netid or email whether they are staff or students, then you can write code in getSpecialGroups along the lines of
if (context.getCurrentUser().getEmail().contains("@students.bromley.ac.uk"))
to decide if a user matches.
However if the information cannot be derived from their EPerson information, but you need the information from their LDAP record (e.g. to look up group memberships) instead, then you'll have to add code in the authenticate method. You need to find where in the code the user gets authenticated, decide which groups to add the user to based upon their user profile, then use the api call context.setSpecialGroup(int groupID).
I hope this helps,
Stuart Lewis
Digital Services Programmer
Te Tumu Herenga The University of Auckland Library
Auckland Mail Centre, Private Bag 92019, Auckland 1142, New Zealand
Ph: 64 9 373-7599 x81928
http://www.library.auckland.ac.nz/
From: clive gould [mailto:cliveg@...]
Sent: Friday, 24 April 2009 2:12 a.m.
To: dspace-tech@...
Subject: [Dspace-tech] Special Groups
Hi
I have published in my DSpace install blog information on installing DSpace 1.5.2 on CentOS 5.3 and getting DSpace/AD authentication working:
http://www.linuxtraining.org.uk/blogger.html
Now I am starting to wonder if anyone managed to get more than one special group working with DSpace with LDAP/AD authentication?
What I am interested in is getting:
* Staff users from AD automatically added to a staff special group in DSpace
* Student users from AD automatically added to a student special group in Dspace.
I understand this may involve writing code associated with the getSpecialGroups methods.
Automatic group membership for staff and students in DSpace worked well with RADIUS authentication, but the RADIUS module won't work for me any longer :(
Has anyone got this working with LDAP authentication I wonder?
Thanks in advance
Clive
Clive Gould
Bromley College
|