[Building Sakai] User account integration

Brandon Davie brandondavie at mckeelacademy.com
Wed Jul 7 06:14:21 PDT 2010 

Hi Steve,

Thanks for the information. Is there any documentation regarding
implementing a custom UserDirectoryProvider? I¹ve looked within the
Programmer¹s Café and haven¹t found anything substantial.

Our plans have changed (yet again), though. It looks like we implemented a
SAML based auth service and would like to offload all authentication to it.
Ideally Sakai would perform the auth request and login the user (creating a
local account if necessary) or otherwise redirect to the identity provider¹s
login to allow the user to sign in and be redirected back to Sakai. I
imagine this would be easier to set up within Sakai than writing a custom
UserDirectoryProvider to handle the auth locally.  Any tips or documentation
on that?

We are actually using a slightly customized version of simpleSAMLphp if that
helps. 

Thanks!

Brandon Davie
Programmer
The Schools of McKeel Academy
(863) 499 2818 EXT 222



From: Steve Swinsburg <steve.swinsburg at gmail.com>
Date: Sat, 3 Jul 2010 19:05:53 +1000
To: Brandon Davie <brandondavie at mckeelacademy.com>
Cc: <sakai-dev at collab.sakaiproject.org>
Subject: Re: [Building Sakai] User account integration

Hi Brandon,

Take a look at the providers module in the source of Sakai. This is where
the LDAP/Kerberos providers reside. You could create a new provider that
talks to your database by implementing UserDirectoryProvider and optionally
ExternalUserSearchUDP. This provider will then 'provide' the account details
to Sakai, ie name, email etc.

For SSO, I'd recommend CAS. You would set this up at your institution and
configure CAS to talk to the same database to get the user information. Then
configure Sakai to offload it's authentication to CAS:
http://confluence.sakaiproject.org/display/~steve.swinsburg/CASifying+Sakai

cheers,
Steve

On 03/07/2010, at 1:30 AM, Brandon Davie wrote:

> Hello,
> 
> I¹m looking to use an external MySQL database to authenticate users in Sakai
> 2.7. Password and certain profile changes (i.e., first & last names) done from
> within Sakai also need to filter over to this MySQL database. Any pointers?
> I¹ve done some searching and found articles on how to implement LDAP or CAS,
> but nothing along these lines. I¹m new to Sakai so please be patient with me
> ;-) 
> 
> A secondary objective would be to support SSO, including signing the user into
> Sakai if they sign in elsewhere, sign out of Sakai if they sign out elsewhere,
> sign in to other resources if they sign into Sakai, and sign out of other
> resources if they sign out of Sakai.
> 
> Thanks! 
> 
> Brandon Davie
> Programmer
> The Schools of McKeel Academy
> (863) 499 2818 EXT 222
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
> 
> TO UNSUBSCRIBE: send email to sakai-dev-unsubscribe at collab.sakaiproject.org
> with a subject of "unsubscribe"



-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20100707/315b0aaf/attachment.html

More information about the sakai-dev mailing list