objectClass=eduPerson, inetOrgPerson, mailRecipient, organizationalPerson, person
# An introductory text for the coupon code page.
couponsIntro=You may upgrade the quota for your account by entering the coupon code you received in the field below and clicking 'submit'. Please make sure that your account information displayed below is correct. Unauthorized use of coupons by other users is not permitted.
+authAnnouncement=Οι χρήστες ηλεκτρονικών υπηρεσιών του Αριστοτελείου Πανεπιστημίου Θεσσαλονίκης έχουν πρόσβαση με τον ιδρυματικό λογαριασμό <http://noc.auth.gr/services/personal/accounts/> τους σε επιπλέον προσωπικό αποθηκευτικό χώρο <http://noc.auth.gr/services/personal/personalStorage/> στο ΑΠΘ με χρήση των πρωτοκόλλων SMB/CIFS (λογισμικό Samba) και FTP. Περισσότερες πληροφορίες είναι διαθέσιμες και στον ιστοχώρο του Κέντρου Λειτουργίας Δικτύου ΑΠΘ (http://noc.auth.gr)
+authgr=auth.gr
\ No newline at end of file
String[] attrs = new String[] {"REMOTE_USER", "HTTP_SHIB_INETORGPERSON_DISPLAYNAME",
"HTTP_SHIB_INETORGPERSON_GIVENNAME", "HTTP_SHIB_PERSON_COMMONNAME",
"HTTP_SHIB_PERSON_SURNAME", "HTTP_SHIB_INETORGPERSON_MAIL",
- "HTTP_SHIB_EP_UNSCOPEDAFFILIATION", "HTTP_PERSISTENT_ID"};
+ "HTTP_SHIB_EP_UNSCOPEDAFFILIATION", "HTTP_PERSISTENT_ID", "HTTP_SHIB_HOMEORGANIZATION"};
StringBuilder buf = new StringBuilder("Shibboleth Attributes\n");
for (String attr: attrs)
buf.append(attr+": ").append(request.getAttribute(attr)).append('\n');
Object snAttr = request.getAttribute("HTTP_SHIB_PERSON_SURNAME"); // Multi-valued
Object mailAttr = request.getAttribute("HTTP_SHIB_INETORGPERSON_MAIL"); // Multi-valued
Object persistentIdAttr = request.getAttribute("HTTP_PERSISTENT_ID");
+ Object homeOrganizationAttr = request.getAttribute("HTTP_SHIB_HOMEORGANIZATION");
// Use a configured test username if found, as a shortcut for development deployments.
String gwtServer = null;
if (getConfiguration().getString("testUsername") != null) {
authErrorUrl += "&sn=" + (snAttr==null? "-": snAttr.toString());
authErrorUrl += "&cn=" + (cnAttr==null? "-": cnAttr.toString());
authErrorUrl += "&mail=" + (mailAttr==null? "-": mailAttr.toString());
+ authErrorUrl += "&homeOrg=" + (homeOrganizationAttr == null ? "-" : homeOrganizationAttr.toString());
response.sendRedirect(authErrorUrl);
return;
}
idpid = persistentId.substring(bang + 1);
}
}
+ String homeOrganization = homeOrganizationAttr != null ? decodeAttribute(homeOrganizationAttr.toString()) : "";
try {
user = getService().findUser(username);
if (user == null)
- user = getService().createUser(username, name, mail, idp, idpid);
+ user = getService().createUser(username, name, mail, idp, idpid, homeOrganization);
if (!user.isActive()) {
logger.info("Disabled user " + username + " tried to login.");
response.sendError(HttpServletResponse.SC_FORBIDDEN, "This account is disabled");
user.setEmail(mail);
user.setIdentityProvider(idp);
user.setIdentityProviderId(idpid);
+ user.setHomeOrganization(homeOrganization);
UserLogin userLogin = new UserLogin();
userLogin.setLoginDate(new Date());
final User userDto = new TransactionHelper<User>().tryExecute(new Callable<User>() {
@Override
public User call() throws Exception {
- return getService().createUser(username, firstname + " " + lastname, email, "", "");
+ return getService().createUser(username, firstname + " " + lastname, email, "", "", "");
}
});
*/
private String webDAVPassword;
+ /**
+ * The HTTP_SHIB_HOMEORGANIZATION schiboleth attribute that is not used to determine the AUTH users
+ */
+ private String homeOrganization;
+
/**
* Retrieve the firstname.
*
webDAVPassword = sb.toString();
}
+ public String getHomeOrganization() {
+ return homeOrganization;
+ }
+
+ public void setHomeOrganization(String homeOrganization) {
+ this.homeOrganization = homeOrganization;
+ }
}
* @throws DuplicateNameException if a user with the same username already exists
* @throws ObjectNotFoundException if no username was provided
*/
- public User createUser(String username, String name, String mail, String idp, String idpid)
+ public User createUser(String username, String name, String mail, String idp, String idpid, String homeOrg)
throws DuplicateNameException, ObjectNotFoundException;
/**
@Override
public User createUser(String username, String name, String mail,
- String idp, String idpid) throws ObjectNotFoundException {
+ String idp, String idpid, String homeOrg) throws ObjectNotFoundException {
if (username == null)
throw new ObjectNotFoundException("No username specified");
if (name == null)
user.generateAuthToken();
user.generateWebDAVPassword();
user.setUserClass(getDefaultUserClass());
+ user.setHomeOrganization(homeOrg);
dao.create(user);
// Make sure we get an ID in the user object.
dao.flush();
* @throws ObjectNotFoundException if no username was provided
*/
public User createUser(String username, String name, String mail,
- String idp, String idpid) throws DuplicateNameException,
+ String idp, String idpid, String homeOrg) throws DuplicateNameException,
ObjectNotFoundException;
/**
put("groups", parentUrl + PATH_GROUPS).put("trash", parentUrl + PATH_TRASH).
put("shared", parentUrl + PATH_SHARED).put("others", parentUrl + PATH_OTHERS).
put("quota", statistics).put("tags", parentUrl + PATH_TAGS);
- String announcement = getConfiguration().getString("announcement");
+ String announcement = getConfiguration().getString("announcement", "");
+ String authgr = getConfiguration().getString("authgr", "auth.gr");
+ if (authgr.equals(user.getHomeOrganization()))
+ announcement += getConfiguration().getString("authAnnouncement", "");
if (announcement != null && !announcement.isEmpty())
json.put("announcement", announcement);
List<UserLogin> userLogins = getService().getLastUserLogins(owner.getId());
<P>sn (person): <%= request.getParameter("sn") %><BR>
<P>cn (person): <%= request.getParameter("cn") %><BR>
<P>mail (inetOrgPerson): <%= request.getParameter("mail") %><BR>
+<P>homeOrg: <%= request.getParameter("homeOrg") %><BR>
</center>
</div>
<div class="footer"></div>