Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Shibboleth: Remote Authentication Phase 1 #2939

Closed
15 of 20 tasks
pdurbin opened this issue Feb 9, 2016 · 4 comments
Closed
15 of 20 tasks

Shibboleth: Remote Authentication Phase 1 #2939

pdurbin opened this issue Feb 9, 2016 · 4 comments
Assignees
@kcondon
Labels
Component: Code Infrastructure formerly "Feature: Code Infrastructure" Feature: Account & User Info Type: Feature a feature request
Milestone
4.4

Comments

@pdurbin
Copy link
Member

pdurbin commented Feb 9, 2016
edited
Loading

Dataverse 4.0 shipped with experimental Shibboleth support, but there are a number of issues we'd like to resolve before we re-enable Shibboleth at https://dataverse.harvard.edu . In a Remote Authentication Business Requirements Document (BRD) the scope of work is described as "Phase 1". I'm creating this issue to have an issue number to use in the name of a branch where I'll start to push code. If you don't see an issue listed below, I'm not working on it for Phase 1. I'll update this description as necessary. A checkmark indicates that @pdurbin thinks that issue is code-complete and included in pull request #3025.

New features to add

Bugs to fix

Features that should be re-tested (no regressions)

These were developed for 4.0 were based on Shibboleth Functional Requirements Document for Dataverse 4.0:

Bonus bug fixes that should be re-tested (no regressions)

  • review dataverseuser.xhtml and see if code related to SearchIncludeFragment can be removed since MyData probably isn't using it. Done in 040a4d4

When will Shibboleth support no longer be considered experimental?

Once the issues above have gone through QA and a release has been deployed to https://dataverse.harvard.edu for some amount of time without incident, we'll remove "experimental" from the docs and close the issue below:

Issues that may be included or may be out of scope

Issues that are definitely out of scope
@pdurbin pdurbin self-assigned this Feb 9, 2016
pdurbin added a commit that referenced this issue Feb 12, 2016
@pdurbin
Shib: stub out migrate to builtin account #2915 #2939
7ea6a01 
The basics are in place but code should be cleaned up more and
refactored. Started working a bit on user management. Added PROVIDER_ID
static field for Shib provider.
@pdurbin pdurbin mentioned this issue Feb 12, 2016
Closed
@eaquigley
Copy link
Contributor

@mheppler and @pdurbin I'm not seeing an issue in the above list that it makes sense to add in the bug we found where the Help link in the Institutional Log In box isn't going to the right URL and doesn't open the guides in a new tab. Is there one above either of you would want me to add it to or should I go ahead and create a new one?

@pdurbin
Copy link
Member Author

pdurbin commented Feb 12, 2016

@eaquigley I just created #2951 and added it to the list in the description. Thanks for the reminder!

@pdurbin pdurbin mentioned this issue Feb 12, 2016
Closed
pdurbin added a commit that referenced this issue Feb 12, 2016
@pdurbin
Shib: help should point at guides.dataverse.org #2951 #2939
4121376
This was referenced Feb 12, 2016
Closed
Closed
pdurbin added a commit that referenced this issue Feb 23, 2016
@pdurbin
user page: when viewing show authenticated not builtin values #2046 #…
b317365 
…2939
@pdurbin pdurbin mentioned this issue Feb 23, 2016
Closed
pdurbin added a commit that referenced this issue Feb 23, 2016
@pdurbin
add extra text below "Institution Log In" #2951 #2939
bf2f824
@scolapasta scolapasta added this to the 4.4 milestone Feb 24, 2016
This was referenced Feb 26, 2016
Closed
Closed
pdurbin added a commit that referenced this issue Mar 1, 2016
@pdurbin
editMode honors :AllowSignup boolean #2838 #2939
f328110 
Redirect to 403 (unauthorized) if you try to hack the URL.

Also, only show "user.signup.tip" when you are really about to create.
pdurbin added a commit that referenced this issue Mar 2, 2016
@pdurbin
Shib: pick first email if multiple asserted #2512 #2939
ffd1d6e 
- Put email addresses throught the same "find single value" logic
  originally developed in #1608 for multiple first and last names.
- Add `@ValidateEmail` to the "email" field on AuthenticatedUser to
  match BuiltinUser.
- Add null check added to EmailValidator to make it testable.
- Add `INVALID_EMAIL` and `MISSING_REQUIRED_ATTR` modes for Shib testing
  in dev.
- Remove red warning when TestShib doesn't provide "mail" attribute.
- Catch authSvc.createAuthenticatedUser exceptions and handle errors
  better.
- Reformat code (getPrettyFacesHomePageString seems ok).
pdurbin added a commit that referenced this issue Mar 3, 2016
@pdurbin
Shib: add more debug logging #2916 #2939
f901d9f 
- Some debugging relates to groups #105
- Some code cleanup.
@pdurbin pdurbin mentioned this issue Mar 3, 2016
Closed
pdurbin added a commit that referenced this issue Mar 3, 2016
@pdurbin
all users can have an affiliation #2950 #2939
66c4777
pdurbin added a commit that referenced this issue Mar 3, 2016
@pdurbin
Shib: don't tell users IdP didn't give affiliation #2950 #2939
58ed4f8 
I believe this is a reversal of an earlier design decision but
@mheppler said it should be removed so I'm removing it:

#2950 (comment)
@pdurbin pdurbin mentioned this issue Mar 4, 2016
Closed
pdurbin added a commit that referenced this issue Mar 4, 2016
@pdurbin
redirect Shib users to page they clicked #1551 #2939
96adc39
pdurbin added a commit that referenced this issue Mar 7, 2016
@pdurbin
Shib: disable redirect fix in 96adc39 in #1551 #2939
2d5130c 
Too buggy. Sometimes you can't log in, especially when clearing history.
pdurbin added a commit that referenced this issue Mar 7, 2016
@pdurbin
Shib: after convert, show user page #2952 #2939
e911234 
Also catch exception calling authSvc.authenticate when builtinuser
password is not populated. Reformat code.
pdurbin added a commit that referenced this issue Mar 14, 2016
@pdurbin
Shib: move getAffiliation from backing to service bean #2939
c76e67d
pdurbin added a commit that referenced this issue Mar 14, 2016
@pdurbin
Shib: refactor to exercise getAffiliation from API #2939
0d1cc9b
pdurbin added a commit that referenced this issue Mar 14, 2016
@pdurbin
Shib refactor: move builtin2shib to AdminIT #2939
b54ef59
pdurbin added a commit that referenced this issue Mar 14, 2016
@pdurbin
Shib: move English text to bundle #2939
1b74d2e
pdurbin added a commit that referenced this issue Mar 15, 2016
@pdurbin
Shib: refactor and make more testable #2939
0672ddd
pdurbin added a commit that referenced this issue Mar 15, 2016
@pdurbin
Shib: remove headers experiment (insecure) #2939 #2294
7943bcc
pdurbin added a commit that referenced this issue Mar 15, 2016
@pdurbin
Shib: remove old debugging code #2916 #2939
5c19ca0
pdurbin added a commit that referenced this issue Mar 15, 2016
@pdurbin
Shib: move more methods out of backing bean #2939
bcb8ef2
pdurbin added a commit that referenced this issue Mar 15, 2016
@pdurbin
Shibboleth: favor "Institutional" login #3011 #2939
b6c638d
pdurbin added a commit that referenced this issue Mar 16, 2016
@pdurbin
Merge branch 'develop' into 2939-shib #2939
ea046a3 
Conflicts:

- pom.xml
- src/main/java/Bundle.properties
pdurbin added a commit that referenced this issue Mar 16, 2016
@pdurbin
refix "institutional" and blurb #2951 #3011 #2939
15e15d1 
When merging from "develop" I let develop win. Need to reapply these
fixes.
@pdurbin pdurbin mentioned this issue Mar 16, 2016
Merged
11 tasks
pdurbin added a commit that referenced this issue Mar 17, 2016
@pdurbin
Merge branch 'develop' into 2939-shib #2939
bac238f
@pdurbin
Copy link
Member Author

pdurbin commented Mar 21, 2016

This is the parent ticket I've been using to organize the "phase 1" Shibboleth work (and name the branch after) and I'm passing this issue to QA now that I've made my pull request at #3025.

@pdurbin pdurbin assigned kcondon and unassigned pdurbin Mar 21, 2016
pdurbin added a commit that referenced this issue Mar 23, 2016
@pdurbin
Merge branch 'develop' into 2939-shib #2939
db3f4f6
pdurbin added a commit that referenced this issue Mar 24, 2016
@pdurbin
Merge branch 'develop' into 2939-shib #2939
78ef2c1
pdurbin added a commit that referenced this issue Apr 1, 2016
@pdurbin
Merge branch 'develop' into 2939-shib #2939
c6f641f
pdurbin added a commit that referenced this issue Apr 19, 2016
@pdurbin
Merge branch 'develop' into 2939-shib #2939
2c98602
@kcondon
Copy link
Contributor

kcondon commented Apr 21, 2016

Tested closing.

@kcondon kcondon closed this as completed Apr 21, 2016
pdurbin added a commit that referenced this issue Apr 27, 2016
@pdurbin
API Token: put "not found" message in bundle and update #2939
962997e
@pdurbin pdurbin modified the milestones: 4.4, 4.5 Jun 30, 2016
@pdurbin pdurbin mentioned this issue Nov 22, 2016
Closed
@pdurbin pdurbin mentioned this issue Dec 16, 2016
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kcondon kcondon

Labels
Component: Code Infrastructure formerly "Feature: Code Infrastructure" Feature: Account & User Info Type: Feature a feature request
Projects
None yet
Milestone
4.4
Development

No branches or pull requests
4 participants
@pdurbin @scolapasta @kcondon @eaquigley