Menu
▾
▴
unity-idm-discuss — Unity discussion and support
You can subscribe to this list here.
| 2014 |
Jan
(3) |
Feb
(1) |
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
(2) |
Aug
(2) |
Sep
|
Oct
(3) |
Nov
|
Dec
(1) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2015 |
Jan
(20) |
Feb
(3) |
Mar
|
Apr
|
May
|
Jun
(15) |
Jul
(1) |
Aug
(7) |
Sep
(13) |
Oct
(2) |
Nov
(10) |
Dec
(1) |
| 2016 |
Jan
|
Feb
(2) |
Mar
|
Apr
(2) |
May
(1) |
Jun
|
Jul
(1) |
Aug
(2) |
Sep
(11) |
Oct
(7) |
Nov
(6) |
Dec
(11) |
| 2017 |
Jan
(10) |
Feb
(5) |
Mar
(27) |
Apr
(34) |
May
(25) |
Jun
(14) |
Jul
(7) |
Aug
(17) |
Sep
(11) |
Oct
(6) |
Nov
(14) |
Dec
(10) |
| 2018 |
Jan
(8) |
Feb
(19) |
Mar
(40) |
Apr
(9) |
May
(16) |
Jun
(23) |
Jul
(31) |
Aug
(7) |
Sep
(9) |
Oct
(6) |
Nov
(14) |
Dec
(19) |
| 2019 |
Jan
(4) |
Feb
(6) |
Mar
(1) |
Apr
(2) |
May
(6) |
Jun
(3) |
Jul
|
Aug
|
Sep
|
Oct
(2) |
Nov
(19) |
Dec
(14) |
| 2020 |
Jan
(10) |
Feb
(24) |
Mar
(49) |
Apr
(26) |
May
(12) |
Jun
(4) |
Jul
(13) |
Aug
(32) |
Sep
(13) |
Oct
(10) |
Nov
(4) |
Dec
(16) |
| 2021 |
Jan
(2) |
Feb
(8) |
Mar
(15) |
Apr
(19) |
May
(5) |
Jun
(13) |
Jul
(6) |
Aug
(38) |
Sep
(11) |
Oct
(18) |
Nov
(11) |
Dec
(13) |
| 2022 |
Jan
(10) |
Feb
(21) |
Mar
(28) |
Apr
(3) |
May
(7) |
Jun
(9) |
Jul
(14) |
Aug
(13) |
Sep
(8) |
Oct
(29) |
Nov
(1) |
Dec
(21) |
| 2023 |
Jan
(19) |
Feb
(9) |
Mar
|
Apr
(10) |
May
(7) |
Jun
(10) |
Jul
(14) |
Aug
(17) |
Sep
(1) |
Oct
(9) |
Nov
(5) |
Dec
(14) |
| 2024 |
Jan
(12) |
Feb
(2) |
Mar
(8) |
Apr
(1) |
May
(6) |
Jun
(6) |
Jul
(24) |
Aug
(15) |
Sep
(1) |
Oct
(6) |
Nov
(20) |
Dec
(14) |
| 2025 |
Jan
(12) |
Feb
(2) |
Mar
(10) |
Apr
(11) |
May
(13) |
Jun
(1) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Sami <sh...@la...> - 2018-03-13 10:48:53
|
Hi, Couple of years ago the documents describes primary/local databases and it was possible to share same primary database instance between multiple unity-idm instances. Current documents from decent versions doesn't anymore describe local and primary databases, so I assume that there is just one. So the question is, can that database be shared between multiple unity-idm nodes which are running simultaneously? I understand that Hazelcast at least comes to this scenario where all hosts in the cluster shares same in-memory database which is synched to this "one/shared" database instance. What is the status of Hazelcast, it seems to be still experimental but is there any estimates when it achieves the maturity to be stable for production use? Thanks, Sami |
|
From: Krzysztof B. <kb...@un...> - 2018-03-07 08:46:09
|
W dniu 07.03.2018 o 08:06, Sander Apweiler pisze: > Hi Krzysztof, > > > we are using: mysql Ver 15.1 Distrib 5.5.56-MariaDB, for Linux > (x86_64) using readline 5.1 > > which is latest version in CentOS 7. Which version is needed? > Mysql - 5.6.4 in minimum supporting more then second precision for dates. |
|
From: Sander A. <sa....@fz...> - 2018-03-07 07:06:44
|
Hi Krzysztof, we are using: mysql Ver 15.1 Distrib 5.5.56-MariaDB, for Linux (x86_64) using readline 5.1 which is latest version in CentOS 7. Which version is needed? Cheers, Sander Am Dienstag, den 06.03.2018, 19:36 +0100 schrieb Krzysztof Benedyczak: > Sander, > > W dniu 05.03.2018 o 10:53, Sander Apweiler pisze: > > Hi Krzysztof, > > > > I set up a new instance of unity 2.4.2 with its own mysql DB. > > During > > the DB creation an error occurs. The startup log ist attached. > > > > Are you using a supported version of DB? From the log file it seems > that > precision field on DATETIME type is not accepted by your server - > what > was true for old MySQL and MariaDBs. > > Best, > Krzysztof -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Prof. Dr. Sebastian M. Schmidt ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Krzysztof B. <kb...@un...> - 2018-03-06 18:36:43
|
Sander, W dniu 05.03.2018 o 10:53, Sander Apweiler pisze: > Hi Krzysztof, > > I set up a new instance of unity 2.4.2 with its own mysql DB. During > the DB creation an error occurs. The startup log ist attached. > Are you using a supported version of DB? From the log file it seems that precision field on DATETIME type is not accepted by your server - what was true for old MySQL and MariaDBs. Best, Krzysztof |
|
From: Krzysztof B. <kb...@un...> - 2018-03-06 18:23:04
|
Hi, W dniu 05.03.2018 o 13:55, Nikolaos Evangelou pisze: > Hello everyone, > > I would like to ask if, somehow, the acceptance of terms and policies is storied in unity’s database, and if it’s possible to store the acceptance of terms and policies from other services for validation check, and how to implement it. You can create attribute to store the fact that ToU was accepted. The acceptance can be asked on registration (for prospective users) or enquiry (for existing users after ToU update) form. In both cases you can set up the form to automatically add/update user's attribute upon acceptance. HTH Krzysztof |
|
From: Piotr P. <pio...@gm...> - 2018-03-06 06:29:39
|
Dear Sander I have investigated this and unfortunatly this is a minor bug. We will fix this problem in next release. Thank you for informations and request. Best regards Piotr pon., 5.03.2018, 13:20 użytkownik Sander Apweiler <sa....@fz...> napisał: > Hi, > > email: E-mail address (unity default) > name did not exist as attribute so far. > > It was only created in output translation profile. I created it as an > attribute with displayName Name. But I still see "string" in consent > screen. > > Best regards, > Sander > > > Am Montag, den 05.03.2018, 12:13 +0000 schrieb Piotr Piernik: > > Dear Sander > > Could you please check what displayName is set in your attribute > > types 'name' and 'email'? > > > > Best regards > > Piotr > > > > pon., 5.03.2018, 13:08 użytkownik Sander Apweiler <sa.apweiler@fz-jue > > lich.de> napisał: > > > Dear Piotr, > > > > > > the names was "name" and "email". > > > > > > Name was created by attr[givenName] + ' ' + attr['sn'] and email > > > was > > > created by attr['email']. (default email attr.) > > > > > > Best regards, > > > Sander > > > > > > Am Montag, den 05.03.2018, 11:39 +0000 schrieb Piotr Piernik: > > > > Dear Sander > > > > What attribute names did you use in your profile as > > > attributeName? > > > > Maybe you have attribute type with the same name as used > > > > attributeName and displayed name of this attribute type is > > > "string". > > > > > > > > Best regards > > > > Piotr > > > > > > > > > > > > > > > > pon., 5.03.2018, 12:11 użytkownik Sander Apweiler <sa.apweiler@fz > > > -jue > > > > lich.de> napisał: > > > > > Hi Krzysztof, > > > > > > > > > > If the attributeDisplayName in output translation profile was > > > not > > > > > set, > > > > > the consent screen of unity 2.4.2 show the attribute type > > > instead > > > > > of > > > > > attributeName. See the attached screenshot. > > > > > > > > > > I would expect that attribute name is used for display or > > > > > attributeDisplayName in translation profile is mandatory. > > > > > > > > > > Best regards, > > > > > Sander > > > > > -- > > > > > Federated Systems and Data > > > > > Juelich Supercomputing Centre > > > > > > > > > > phone: +49 2461 61 8847 > > > > > fax: +49 2461 61 6656 > > > > > email: sa....@fz... > > > > > > > > > > ------------------------------------------------------------- > > > ---- > > > > > ------ > > > > > ------------------------------------------------------------- > > > ---- > > > > > ------ > > > > > Forschungszentrum Juelich GmbH > > > > > 52425 Juelich > > > > > Sitz der Gesellschaft: Juelich > > > > > Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B > > > > > 3498 > > > > > Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen > > > Huthmacher > > > > > Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt > > > > > (Vorsitzender), > > > > > Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald > > > Bolt, > > > > > Prof. Dr. Sebastian M. Schmidt > > > > > ------------------------------------------------------------- > > > ---- > > > > > ------ > > > > > ------------------------------------------------------------- > > > ---- > > > > > ------------------------------------------------------------- > > > ---- > > > > > ------------------- > > > > > Check out the vibrant tech community on one of the world's most > > > > > engaging tech sites, Slashdot.org! http://sdm.link/slashdot____ > > > ____ > > > > > _______________________________________ > > > > > Unity-idm-discuss mailing list > > > > > Uni...@li... > > > > > https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss > > > -- > > > Federated Systems and Data > > > Juelich Supercomputing Centre > > > > > > phone: +49 2461 61 8847 > > > fax: +49 2461 61 6656 > > > email: sa....@fz... > > > > > > ----------------------------------------------------------------- > > > ------ > > > ----------------------------------------------------------------- > > > ------ > > > Forschungszentrum Juelich GmbH > > > 52425 Juelich > > > Sitz der Gesellschaft: Juelich > > > Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B > > > 3498 > > > Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher > > > Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt > > > (Vorsitzender), > > > Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, > > > Prof. Dr. Sebastian M. Schmidt > > > ----------------------------------------------------------------- > > > ------ > > > ----------------------------------------------------------------- > > > ------ > -- > Federated Systems and Data > Juelich Supercomputing Centre > > phone: +49 2461 61 8847 > fax: +49 2461 61 6656 > email: sa....@fz... > > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > Forschungszentrum Juelich GmbH > 52425 Juelich > Sitz der Gesellschaft: Juelich > Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 > Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher > Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), > Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, > Prof. Dr. Sebastian M. Schmidt > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- |
|
From: Nikolaos E. <ni...@ad...> - 2018-03-05 12:55:42
|
Hello everyone, I would like to ask if, somehow, the acceptance of terms and policies is storied in unity’s database, and if it’s possible to store the acceptance of terms and policies from other services for validation check, and how to implement it. Regards, Nick E. |
|
From: Sander A. <sa....@fz...> - 2018-03-05 12:21:08
|
Hi, email: E-mail address (unity default) name did not exist as attribute so far. It was only created in output translation profile. I created it as an attribute with displayName Name. But I still see "string" in consent screen. Best regards, Sander Am Montag, den 05.03.2018, 12:13 +0000 schrieb Piotr Piernik: > Dear Sander > Could you please check what displayName is set in your attribute > types 'name' and 'email'? > > Best regards > Piotr > > pon., 5.03.2018, 13:08 użytkownik Sander Apweiler <sa.apweiler@fz-jue > lich.de> napisał: > > Dear Piotr, > > > > the names was "name" and "email". > > > > Name was created by attr[givenName] + ' ' + attr['sn'] and email > > was > > created by attr['email']. (default email attr.) > > > > Best regards, > > Sander > > > > Am Montag, den 05.03.2018, 11:39 +0000 schrieb Piotr Piernik: > > > Dear Sander > > > What attribute names did you use in your profile as > > attributeName? > > > Maybe you have attribute type with the same name as used > > > attributeName and displayed name of this attribute type is > > "string". > > > > > > Best regards > > > Piotr > > > > > > > > > > > > pon., 5.03.2018, 12:11 użytkownik Sander Apweiler <sa.apweiler@fz > > -jue > > > lich.de> napisał: > > > > Hi Krzysztof, > > > > > > > > If the attributeDisplayName in output translation profile was > > not > > > > set, > > > > the consent screen of unity 2.4.2 show the attribute type > > instead > > > > of > > > > attributeName. See the attached screenshot. > > > > > > > > I would expect that attribute name is used for display or > > > > attributeDisplayName in translation profile is mandatory. > > > > > > > > Best regards, > > > > Sander > > > > -- > > > > Federated Systems and Data > > > > Juelich Supercomputing Centre > > > > > > > > phone: +49 2461 61 8847 > > > > fax: +49 2461 61 6656 > > > > email: sa....@fz... > > > > > > > > ------------------------------------------------------------- > > ---- > > > > ------ > > > > ------------------------------------------------------------- > > ---- > > > > ------ > > > > Forschungszentrum Juelich GmbH > > > > 52425 Juelich > > > > Sitz der Gesellschaft: Juelich > > > > Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B > > > > 3498 > > > > Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen > > Huthmacher > > > > Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt > > > > (Vorsitzender), > > > > Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald > > Bolt, > > > > Prof. Dr. Sebastian M. Schmidt > > > > ------------------------------------------------------------- > > ---- > > > > ------ > > > > ------------------------------------------------------------- > > ---- > > > > ------------------------------------------------------------- > > ---- > > > > ------------------- > > > > Check out the vibrant tech community on one of the world's most > > > > engaging tech sites, Slashdot.org! http://sdm.link/slashdot____ > > ____ > > > > _______________________________________ > > > > Unity-idm-discuss mailing list > > > > Uni...@li... > > > > https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss > > -- > > Federated Systems and Data > > Juelich Supercomputing Centre > > > > phone: +49 2461 61 8847 > > fax: +49 2461 61 6656 > > email: sa....@fz... > > > > ----------------------------------------------------------------- > > ------ > > ----------------------------------------------------------------- > > ------ > > Forschungszentrum Juelich GmbH > > 52425 Juelich > > Sitz der Gesellschaft: Juelich > > Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B > > 3498 > > Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher > > Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt > > (Vorsitzender), > > Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, > > Prof. Dr. Sebastian M. Schmidt > > ----------------------------------------------------------------- > > ------ > > ----------------------------------------------------------------- > > ------ -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Prof. Dr. Sebastian M. Schmidt ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Piotr P. <pio...@gm...> - 2018-03-05 12:14:16
|
Dear Sander Could you please check what displayName is set in your attribute types 'name' and 'email'? Best regards Piotr pon., 5.03.2018, 13:08 użytkownik Sander Apweiler <sa....@fz...> napisał: > Dear Piotr, > > the names was "name" and "email". > > Name was created by attr[givenName] + ' ' + attr['sn'] and email was > created by attr['email']. (default email attr.) > > Best regards, > Sander > > Am Montag, den 05.03.2018, 11:39 +0000 schrieb Piotr Piernik: > > Dear Sander > > What attribute names did you use in your profile as attributeName? > > Maybe you have attribute type with the same name as used > > attributeName and displayed name of this attribute type is "string". > > > > Best regards > > Piotr > > > > > > > > pon., 5.03.2018, 12:11 użytkownik Sander Apweiler <sa.apweiler@fz-jue > > lich.de> napisał: > > > Hi Krzysztof, > > > > > > If the attributeDisplayName in output translation profile was not > > > set, > > > the consent screen of unity 2.4.2 show the attribute type instead > > > of > > > attributeName. See the attached screenshot. > > > > > > I would expect that attribute name is used for display or > > > attributeDisplayName in translation profile is mandatory. > > > > > > Best regards, > > > Sander > > > -- > > > Federated Systems and Data > > > Juelich Supercomputing Centre > > > > > > phone: +49 2461 61 8847 > > > fax: +49 2461 61 6656 > > > email: sa....@fz... > > > > > > ----------------------------------------------------------------- > > > ------ > > > ----------------------------------------------------------------- > > > ------ > > > Forschungszentrum Juelich GmbH > > > 52425 Juelich > > > Sitz der Gesellschaft: Juelich > > > Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B > > > 3498 > > > Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher > > > Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt > > > (Vorsitzender), > > > Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, > > > Prof. Dr. Sebastian M. Schmidt > > > ----------------------------------------------------------------- > > > ------ > > > ----------------------------------------------------------------- > > > ----------------------------------------------------------------- > > > ------------------- > > > Check out the vibrant tech community on one of the world's most > > > engaging tech sites, Slashdot.org! http://sdm.link/slashdot________ > > > _______________________________________ > > > Unity-idm-discuss mailing list > > > Uni...@li... > > > https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss > -- > Federated Systems and Data > Juelich Supercomputing Centre > > phone: +49 2461 61 8847 > fax: +49 2461 61 6656 > email: sa....@fz... > > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > Forschungszentrum Juelich GmbH > 52425 Juelich > Sitz der Gesellschaft: Juelich > Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 > Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher > Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), > Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, > Prof. Dr. Sebastian M. Schmidt > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- |
|
From: Sander A. <sa....@fz...> - 2018-03-05 12:08:43
|
Dear Piotr, the names was "name" and "email". Name was created by attr[givenName] + ' ' + attr['sn'] and email was created by attr['email']. (default email attr.) Best regards, Sander Am Montag, den 05.03.2018, 11:39 +0000 schrieb Piotr Piernik: > Dear Sander > What attribute names did you use in your profile as attributeName? > Maybe you have attribute type with the same name as used > attributeName and displayed name of this attribute type is "string". > > Best regards > Piotr > > > > pon., 5.03.2018, 12:11 użytkownik Sander Apweiler <sa.apweiler@fz-jue > lich.de> napisał: > > Hi Krzysztof, > > > > If the attributeDisplayName in output translation profile was not > > set, > > the consent screen of unity 2.4.2 show the attribute type instead > > of > > attributeName. See the attached screenshot. > > > > I would expect that attribute name is used for display or > > attributeDisplayName in translation profile is mandatory. > > > > Best regards, > > Sander > > -- > > Federated Systems and Data > > Juelich Supercomputing Centre > > > > phone: +49 2461 61 8847 > > fax: +49 2461 61 6656 > > email: sa....@fz... > > > > ----------------------------------------------------------------- > > ------ > > ----------------------------------------------------------------- > > ------ > > Forschungszentrum Juelich GmbH > > 52425 Juelich > > Sitz der Gesellschaft: Juelich > > Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B > > 3498 > > Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher > > Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt > > (Vorsitzender), > > Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, > > Prof. Dr. Sebastian M. Schmidt > > ----------------------------------------------------------------- > > ------ > > ----------------------------------------------------------------- > > ----------------------------------------------------------------- > > ------------------- > > Check out the vibrant tech community on one of the world's most > > engaging tech sites, Slashdot.org! http://sdm.link/slashdot________ > > _______________________________________ > > Unity-idm-discuss mailing list > > Uni...@li... > > https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Prof. Dr. Sebastian M. Schmidt ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Piotr P. <pio...@gm...> - 2018-03-05 11:40:16
|
Dear Sander What attribute names did you use in your profile as attributeName? Maybe you have attribute type with the same name as used attributeName and displayed name of this attribute type is "string". Best regards Piotr pon., 5.03.2018, 12:11 użytkownik Sander Apweiler <sa....@fz...> napisał: > Hi Krzysztof, > > If the attributeDisplayName in output translation profile was not set, > the consent screen of unity 2.4.2 show the attribute type instead of > attributeName. See the attached screenshot. > > I would expect that attribute name is used for display or > attributeDisplayName in translation profile is mandatory. > > Best regards, > Sander > -- > Federated Systems and Data > Juelich Supercomputing Centre > > phone: +49 2461 61 8847 > fax: +49 2461 61 6656 > email: sa....@fz... > > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > Forschungszentrum Juelich GmbH > 52425 Juelich > Sitz der Gesellschaft: Juelich > Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 > Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher > Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), > Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, > Prof. Dr. Sebastian M. Schmidt > ----------------------------------------------------------------------- > > ----------------------------------------------------------------------------------------------------------------------------------------------------- > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Unity-idm-discuss mailing list > Uni...@li... > https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss > |
|
From: Sander A. <sa....@fz...> - 2018-03-05 11:11:12
|
Hi Krzysztof, If the attributeDisplayName in output translation profile was not set, the consent screen of unity 2.4.2 show the attribute type instead of attributeName. See the attached screenshot. I would expect that attribute name is used for display or attributeDisplayName in translation profile is mandatory. Best regards, Sander -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Prof. Dr. Sebastian M. Schmidt ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Sander A. <sa....@fz...> - 2018-03-05 09:54:01
|
Hi Krzysztof, I set up a new instance of unity 2.4.2 with its own mysql DB. During the DB creation an error occurs. The startup log ist attached. Best regards, Sander -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Prof. Dr. Sebastian M. Schmidt ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Krzysztof B. <kb...@un...> - 2018-03-04 15:49:09
|
Dear Subscribers, A minor release 2.42 was published. It contains update of ORCID 3rd party authentication, to the latest version 2.1. The so far used version 1.2 was deprecated by ORCID and is being removed so update is necessary if ORCID is used. Other then that some recently reported bugs were fixed: -) Output profile create attribute action does not validate its attribute name argument as MVEL expression -) Using multiple trusted metadata sources in SAML authenticator works now -) confirmation subsystem was failing on optional registration attributes, which were not provided -) a low level bug was fixed in JSON parser, failing parsing of some complex JSON user profiles with arrays. -) Creating new output translation profile in UI was not possible without using mandatory checkbox More details and download links as usual available here: http://www.unity-idm.eu/downloads/ Best regards, Krzysztof |
|
From: Sander A. <sa....@fz...> - 2018-03-04 03:13:18
|
Hi Krzysztof, Am Donnerstag, den 01.03.2018, 20:48 +0100 schrieb Krzysztof Benedyczak: > Hi Sander, > > I'd need more details to understand what is wrong in this scenario. > > W dniu 01.03.2018 o 11:39, Sander Apweiler pisze: > > Hi Krzysztof, Piotr, > > > > I found another problem. I create a new account using an external > > IdP. > > The new account is created and user can log in, although the email > > address was not confirmed so far. > > That is OK, unless this user is logging using this unconfirmed email > as > identity (with a local password set in Unity). Us this the case? > Using > external authN, if you allowed to create an account, unconfirmed > email > is irrelevant (if it is for you, then you should provision the > account > after email confirmation, what is also possible). The mapped identity is eppn. > > > Within registration from I created the rule for like it is > > described in > > manual and work on other instances with unity 1.x. > > Can you provide the details of this? I created a registration form for the IdP with following Automatically assigned setting: condition: attr["email"].confirmed == true action: autoProcess action parameter: action = accept I understood the manual, and in V1 it worked in that way, that the account is created after the email address was confirmed. Yesterday, when I tested the integration, my account was created and I was able to sign in before I confirmed the email address. > > I don't see the registration within Requests management under > > Registration & enquiry. Is this the wanted behaviour? > > > You mean there is no registration request, but user was filling it > and > it was accepted? Yes, there are only the request for oauthclients listed. Not the request from external IdPs. See the attached picture. Registration form for IdPs is DFN. Cheers, Sander > > Cheers, > KB -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Prof. Dr. Sebastian M. Schmidt ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Krzysztof B. <kb...@un...> - 2018-03-01 22:30:01
|
Hi Sander, I'd need more details to understand what is wrong in this scenario. W dniu 01.03.2018 o 11:39, Sander Apweiler pisze: > Hi Krzysztof, Piotr, > > I found another problem. I create a new account using an external IdP. > The new account is created and user can log in, although the email > address was not confirmed so far. That is OK, unless this user is logging using this unconfirmed email as identity (with a local password set in Unity). Us this the case? Using external authN, if you allowed to create an account, unconfirmed email is irrelevant (if it is for you, then you should provision the account after email confirmation, what is also possible). > Within registration from I created the rule for like it is described in > manual and work on other instances with unity 1.x. Can you provide the details of this? > I don't see the registration within Requests management under > Registration & enquiry. Is this the wanted behaviour? You mean there is no registration request, but user was filling it and it was accepted? Cheers, KB |
|
From: Krzysztof B. <kb...@un...> - 2018-03-01 22:20:47
|
Dear Tim,
W dniu 01.03.2018 o 08:19, Tim Kreuzer pisze:
> Dear Krzysztof,
>
> i want to add new users with the REST API of Unity. While creating the
> user and move them to the right group is no problem, i have problems
> to set a credential. I am not sure about the JSON Object i have to add.
>
> What i do right now is:
>
> URL =
> '...rest-admin/v1/entity/train015/credential/train:password?identityType=userName'
>
> Header = {'Content-Type': 'application/json', 'Authorization': 'Basic
> nmVfdGUkbWluOmc4OWYrbyFFeG2mVHRtaEQlZ3RQ'}
>
I guess all you need is:
http://www.unity-idm.eu/documentation/unity-2.4.1/rest-api-v1.html#_set_credential_admin
(you are trying to set credential as a user, what is described in
subsequent section)
Best,
KB
|
|
From: Sander A. <sa....@fz...> - 2018-03-01 10:40:25
|
Hi Krzysztof, Piotr, I found another problem. I create a new account using an external IdP. The new account is created and user can log in, although the email address was not confirmed so far. Within registration from I created the rule for like it is described in manual and work on other instances with unity 1.x. I don't see the registration within Requests management under Registration & enquiry. Is this the wanted behaviour? Best regards, Sander -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Prof. Dr. Sebastian M. Schmidt ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Piotr P. <pio...@gm...> - 2018-03-01 08:14:12
|
Dear Sander This is next small bug but I think there is a workaround. If you do not want mandatory attr please click on mandatory checkbox twice -check and uncheck. Then you can save profile. If you want to add new profile action with attrDisplayName and attrDescription you can also before save profile click twice on mandatory checkbox. Then the actions params will be save in proper way. We will fix this in upcomming 2.4.2 realese. Best regards Piotr 01.03.2018 8:21 AM "Sander Apweiler" <sa....@fz...> napisał(a): Hi Krzysztof, I created a new output translation profile within unity 2.4.1 and found two problems. 1) The entered values are not stored to its "attributes". E.g. I did not set a mark as mandatory but enter the display name and description. At least in GUI the display name is stored as value of mandatory and the description as value of display name. See picture 1. 2) I create a new attribute name in output translation profile. This attribute is create from internal attributes givenName and sn. My expression is: attr['givenName'] + ' ' + attr['sn'] If I don't enter the last three options (mandatory, display name and description), I get an error "Action parameters are invalid: Action requires min 3 parameters". See picture 2. I guess the first one is only a display problem. Do you have a solution for the second one? Best regards, Sander -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 <+49%202461%20618847> fax: +49 2461 61 6656 <+49%202461%20616656> email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Prof. Dr. Sebastian M. Schmidt ----------------------------------------------------------------------- ----------------------------------------------------------------------- ------------------------------------------------------------ ------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Unity-idm-discuss mailing list Uni...@li... https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss |
|
From: Sander A. <sa....@fz...> - 2018-03-01 07:21:16
|
Hi Krzysztof, I created a new output translation profile within unity 2.4.1 and found two problems. 1) The entered values are not stored to its "attributes". E.g. I did not set a mark as mandatory but enter the display name and description. At least in GUI the display name is stored as value of mandatory and the description as value of display name. See picture 1. 2) I create a new attribute name in output translation profile. This attribute is create from internal attributes givenName and sn. My expression is: attr['givenName'] + ' ' + attr['sn'] If I don't enter the last three options (mandatory, display name and description), I get an error "Action parameters are invalid: Action requires min 3 parameters". See picture 2. I guess the first one is only a display problem. Do you have a solution for the second one? Best regards, Sander -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Prof. Dr. Sebastian M. Schmidt ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Tim K. <t.k...@fz...> - 2018-03-01 07:20:10
|
Dear Krzysztof,
i want to add new users with the REST API of Unity. While creating the
user and move them to the right group is no problem, i have problems to
set a credential. I am not sure about the JSON Object i have to add.
What i do right now is:
URL =
'...rest-admin/v1/entity/train015/credential/train:password?identityType=userName'
Header = {'Content-Type': 'application/json', 'Authorization': 'Basic
nmVfdGUkbWluOmc4OWYrbyFFeG2mVHRtaEQlZ3RQ'}
Data = ??? i tried a lot, last try was: {'true':
'["{\\"password\\":\\"newPass1!\\"}"]'}
When i set another Key in Data (like 'value') i receive
"Caused by: com.fasterxml.jackson.core.JsonParseException: Unrecognized
token 'values': was expecting ('true', 'false' or 'null')"
Because of this i tried the 'true' key. Right now i get this error
message in Unity Log:
2018-03-01T08:17:36,327 [qtp988637485-277] ERROR
unity.server.rest.JSONParsingExceptionMapper: JSON parse error during
RESTful API invocation
pl.edu.icm.unity.rest.exception.JSONParsingException: Request body must
be a JSON array
at
pl.edu.icm.unity.restadm.RESTAdmin.setCredentialByUser(RESTAdmin.java:395)
~[unity-server-rest-admin-2.4.1.jar:?]
at sun.reflect.GeneratedMethodAccessor261.invoke(Unknown
Source) ~[?:?]
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
~[?:1.8.0_151]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_151]
at
org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:180)
~[cxf-core-3.1.10.jar:3.1.10]
at
org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96)
~[cxf-core-3.1.10.jar:3.1.10]
at
org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:189)
[cxf-rt-frontend-jaxrs-3.1.10.jar:3.1.10]
at
org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:99)
[cxf-rt-frontend-jaxrs-3.1.10.jar:3.1.10]
at
org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59)
[cxf-core-3.1.10.jar:3.1.10]
at
org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:96)
[cxf-core-3.1.10.jar:3.1.10]
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
[cxf-core-3.1.10.jar:3.1.10]
at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
[cxf-core-3.1.10.jar:3.1.10]
at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:262)
[cxf-rt-transports-http-3.1.10.jar:3.1.10]
at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)
[cxf-rt-transports-http-3.1.10.jar:3.1.10]
at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)
[cxf-rt-transports-http-3.1.10.jar:3.1.10]
at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)
[cxf-rt-transports-http-3.1.10.jar:3.1.10]
at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:180)
[cxf-rt-transports-http-3.1.10.jar:3.1.10]
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:299)
[cxf-rt-transports-http-3.1.10.jar:3.1.10]
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPut(AbstractHTTPServlet.java:235)
[cxf-rt-transports-http-3.1.10.jar:3.1.10]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
[javax.servlet-api-3.1.0.jar:3.1.0]
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:274)
[cxf-rt-transports-http-3.1.10.jar:3.1.10]
at
org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:860)
[jetty-servlet-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:535)
[jetty-servlet-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:188)
[jetty-server-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1253)
[jetty-server-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:168)
[jetty-server-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473)
[jetty-servlet-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:166)
[jetty-server-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1155)
[jetty-server-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
[jetty-server-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:219)
[jetty-server-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
[jetty-server-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:335)
[jetty-rewrite-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:455)
[jetty-server-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
[jetty-server-9.4.8.v20171121.jar:9.4.8.v20171121]
at org.eclipse.jetty.server.Server.handle(Server.java:530)
[jetty-server-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:347)
[jetty-server-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:256)
[jetty-server-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:279)
[jetty-io-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:102)
[jetty-io-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:289)
[jetty-io-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.io.ssl.SslConnection$3.succeeded(SslConnection.java:149)
[jetty-io-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:102)
[jetty-io-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:124)
[jetty-io-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:247)
[jetty-util-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.produce(EatWhatYouKill.java:140)
[jetty-util-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)
[jetty-util-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:382)
[jetty-util-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:708)
[jetty-util-9.4.8.v20171121.jar:9.4.8.v20171121]
at
org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:626)
[jetty-util-9.4.8.v20171121.jar:9.4.8.v20171121]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_151]
Can you show me a working Data JSON Object? I don't know how to create a
JSON Object, so Unity accepts it as a 'JSON array'.
Thank you and best regards,
Tim Kreuzer
--
M.Sc. Tim Kreuzer
Federated Systems and Data
Jülich Supercomputing Centre, http://www.fz-juelich.de/jsc
Phone: +49 2461 61-1583
-----------------------------------------------------------------------
-----------------------------------------------------------------------
Forschungszentrum Juelich GmbH
52425 Juelich
Sitz der Gesellschaft: Juelich
Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498
Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher
Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender),
Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt,
Prof. Dr. Sebastian M. Schmidt
-----------------------------------------------------------------------
-----------------------------------------------------------------------
|
|
From: D B. <ba...@aw...> - 2018-02-28 16:24:48
|
Hi, On 26/02/18 23:31, Krzysztof Benedyczak wrote: [...]> Anyway, instead you can try the automatic (server-driven) activation of > the auto login. Ensure you have a single remote authN option enabled on > your SAML IdP endpoint and add this to its config: > > |unity.endpoint.web.autoLogin=true| Thanks, it works now! Great! :-) D. |
|
From: Sander A. <sa....@fz...> - 2018-02-28 14:08:07
|
Hi Krzsztof, with untiy 2.4.1 I got an "Internal server error during confirmation". It seems that some attribute is not set (see attached log). DO you have a hint? Email confirmation for created entity did work. Best regards, Sander -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, Prof. Dr. Sebastian M. Schmidt ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Krzysztof B. <kb...@un...> - 2018-02-26 23:29:22
|
Hi Sander, W dniu 23.02.2018 o 14:48, Sander Apweiler pisze: > Hi Krzysztof, all, > > I configured multiple IdPs with SAML metadataSource. > (remoteSamlAuth.properties is attached.) When I start unity only the > IdPs from second metadata file are listed. If I comment the second > source (whole block) out and reload the authenticator, the IdPs from > first one are loaded. > > After commend in the second source, to have both, and reload the > authenticator, the IdPs from first source gone lost. > > I have this issue on three different instances with unity 2.4.0 and > 2.4.1. Do you have any idea to solve it? I'm investigating but looks like this is a regression bug, when multiple federations are enabled. If my findings are confirmed we will fix this for the next release. As a workaround you can tr to define two saml authenticators, each using a single federation metadata, and then enable both on your endpoint(s). Best, Krzysztof |
|
From: Krzysztof B. <kb...@un...> - 2018-02-26 23:06:16
|
Hi Nikolaos, W dniu 23.02.2018 o 20:52, Nikolaos Evangelou pisze: > Hello everybody, > > I have 3 questions. First, is it possible to reproduce the > registration flow, when a user is logging in using an IdP, using API > calls? For example, can I register to B2ACCESS with my ORCID account > but using the API and not the web GUI? Fully reproducing is impossible and would be super hard anyway. But you can mostly reproduce the effects of successful registration of ORCID person using the REST API. You need to know how Unity is configured to act in such case: how the ORCID profile is translated to the local representation: input translation profile, registration form if any, its automation. And of course contents of your ORCID profile. Then you can invoke operations to add identity (likely it will be of identifier type with value equal to ORCID id), add attributes and most likely this will be it. There will be slight differences though: in Unity it will be visible that attributes and identity were directly defined and not obtained from orcid. > Second, I tried to make a put request to add an attribute to an entity > as is shown in this guide > http://www.unity-idm.eu/documentation/unity-2.2.0/rest-api-v1.html#_set_attribute > <http://www.unity-idm.eu/documentation/unity-2.2.0/rest-api-v1.html#_set_attribute> , > but when I pass the data I get the response “No JSON object could be > decoded”. I run this command: > ``` > curl -v -u ‘username’:'password' -H 'Content-Type: application/json' > -d '{"values": ["{\"value\":\"so...@em... > <mailto:so...@em...>\",\"tags\":[]}"],"name": "email","groupPath": > "/ROOT"}' -X PUT > 'https://unity.eudat-aai.fz-juelich.de/rest-admin/v1/entity/ > <https://unity.eudat-aai.fz-juelich.de/rest-admin/v1/entity/>{entityid}/attribute?identityType=email' > | python -m json.tool > ``` > So, how should be the format of the json data? The email value is incorrect. As you can see in the cited doc example, you are missing the confirmationData part. Something like this (only the value): "{\"value\":\"so...@em...\",\"confirmationData\":{\"confirmed\":false,\"confirmationDate\":0,\"sentRequestAmount\":0},\"tags\":[]}" > And third, what parameters should I pass to > https://unity.eudat-aai.fz-juelich.de/oauth2/token > <https://unity.eudat-aai.fz-juelich.de/oauth2/token> endpoint to get > an access token after registration? Hard to say, depends on OAuth flow you want to use and which is enabled for you client. In general please refer to the OAuth2 protocol spec. Best, Krzysztof |
