You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 18 Next »

Sign in process

CORE uses federated login to authenticate users. After a user is successfully authenticated CORE checks the local user database to see if the user exists. It then loads all the user data, like user role, user presentations etc. and persists the user in a session. See diagram for a complete overview.

usersignin

Configuration

SimpleSAML can be configured in application/configs/application.ini

Config value

Description

simplesaml.dir

What is the location of your SimpleSAML installation

simplesaml.authsource

The name of the authentication source

simplesaml.saml_uid_attribute

The unique identifier used to identify a user.

simplesaml.saml_fname_attribute

Federated attribute for first name

simplesaml.saml_lname_attribute

Federated attribute for last name

simplesaml.saml_organisation_attribute

Federated attribute for organization name

simplesaml.saml_email_attribute

Federated attribute for email address

simplesaml.saml_country_attribute

Federated attribute for country

core.logSamlAttributes

Log SimpleSAML attributes upon every login attempt

User roles

The following user roles are defined.

  • Guest (not authenticated)
  • User (inherits from guest)
  • Submitter (inherits from user)
  • Presenter (inherits from user)
  • Reviewer (inherits from user)
  • Chair (inherits from user)
  • Admin
  • No labels