VIVO Documentation
Old Release
This documentation relates to an old version of VIVO, version 1.9.x. Looking for another version? See all documentation.
More details on how VIVO will integrate with a Single Sign-On system like Shibboleth or CUWebAuth.
What is the mechanism?
- The common way:
- sit behind a reverse proxy
- proxy intercepts a special request
- after login is complete, proxy redirects to the original request.
- HTTP header must contain a UID or equivalent identifier.
- Commonly Apache, with a module to accomplish the work
- The other way
- specify a redirection URL
- No proxy or interception required.
- HTTP header is the same.
- Where is the /loginExternalAuthReturn page?
- VIVO just redirects from there.
- Home page
- Profile page
- New account
- VIVO just redirects from there.
How to debug?
- Is the request being intercepted?
- Increase the log settings
- Look at headers
- Is your UID in a header?
- Configure VIVO to read that header.
- Otherwise, configure the reverse proxy to intercept it.
2014-03-26 14:15:32,096 DEBUG [LoginExternalAuthReturn] ------------request:http://localhost:8080/vivo/loginExternalAuthReturn 2014-03-26 14:15:32,101 DEBUG [LoginExternalAuthReturn] host=localhost:8080 2014-03-26 14:15:32,101 DEBUG [LoginExternalAuthReturn] origin=https://ligo.tw.rpi.edu 2014-03-26 14:15:32,101 DEBUG [LoginExternalAuthReturn] cookie=JSESSIONID=C821D915DD2DAE74731486F29EF5EF6E; _shibsession_64656661756c7468747470733a2f2f7477322e74772e7270692e6564752f73686962626f6c657468=_ede84590605590017f65fd47d897bf9e; _shibstate_1395857627_c1ba= 2014-03-26 14:15:32,101 DEBUG [LoginExternalAuthReturn] accept=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 2014-03-26 14:15:32,101 DEBUG [LoginExternalAuthReturn] user-agent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.74.9 (KHTML, like Gecko) Version/7.0.2 Safari/537.74.9 2014-03-26 14:15:32,101 DEBUG [LoginExternalAuthReturn] accept-language=en-us 2014-03-26 14:15:32,101 DEBUG [LoginExternalAuthReturn] referer=https://ligo.tw.rpi.edu/idp/profile/SAML2/Redirect/SSO 2014-03-26 14:15:32,101 DEBUG [LoginExternalAuthReturn] accept-encoding=gzip, deflate 2014-03-26 14:15:32,101 DEBUG [LoginExternalAuthReturn] shib-cookie-name= 2014-03-26 14:15:32,101 DEBUG [LoginExternalAuthReturn] shib-session-id=_ede84590605590017f65fd47d897bf9e 2014-03-26 14:15:32,101 DEBUG [LoginExternalAuthReturn] shib-session-index=_6a470e1d2566f397fdc5e84d7f9a6830 2014-03-26 14:15:32,101 DEBUG [LoginExternalAuthReturn] shib-identity-provider=https://ligo.tw.rpi.edu/idp/shibboleth 2014-03-26 14:15:32,101 DEBUG [LoginExternalAuthReturn] shib-authentication-method=urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport 2014-03-26 14:15:32,102 DEBUG [LoginExternalAuthReturn] shib-authentication-instant=2014-03-26T18:15:31.945Z 2014-03-26 14:15:32,102 DEBUG [LoginExternalAuthReturn] shib-authncontext-class=urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport 2014-03-26 14:15:32,102 DEBUG [LoginExternalAuthReturn] shib-authncontext-decl= 2014-03-26 14:15:32,102 DEBUG [LoginExternalAuthReturn] shib-assertion-count= 2014-03-26 14:15:32,102 DEBUG [LoginExternalAuthReturn] eppn= 2014-03-26 14:15:32,102 DEBUG [LoginExternalAuthReturn] affiliation= 2014-03-26 14:15:32,102 DEBUG [LoginExternalAuthReturn] unscoped-affiliation= 2014-03-26 14:15:32,102 DEBUG [LoginExternalAuthReturn] entitlement= 2014-03-26 14:15:32,102 DEBUG [LoginExternalAuthReturn] targeted-id= 2014-03-26 14:15:32,102 DEBUG [LoginExternalAuthReturn] persistent-id= 2014-03-26 14:15:32,102 DEBUG [LoginExternalAuthReturn] cn=Momo 2014-03-26 14:15:32,102 DEBUG [LoginExternalAuthReturn] sn=Chen 2014-03-26 14:15:32,102 DEBUG [LoginExternalAuthReturn] shib-application-id=default 2014-03-26 14:15:32,102 DEBUG [LoginExternalAuthReturn] remote_user= 2014-03-26 14:15:32,102 DEBUG [LoginExternalAuthReturn] x-forwarded-for=128.113.243.51 2014-03-26 14:15:32,102 DEBUG [LoginExternalAuthReturn] x-forwarded-host=tw2.tw.rpi.edu 2014-03-26 14:15:32,102 DEBUG [LoginExternalAuthReturn] x-forwarded-server=tw2.tw.rpi.edu 2014-03-26 14:15:32,102 DEBUG [LoginExternalAuthReturn] connection=Keep-Alive 2014-03-26 14:15:32,103 DEBUG [LoginExternalAuthReturn] externalAuthID='null'
Overview
Content Tools