[Using Sakai] Kerberos configuration -> create user in DB after correct login
Nicolas Lehmann
mail at nicolaslehmann.de
Mon Feb 25 10:46:45 PST 2013
Hi everybody,
we changed from trying to use JLDAP to Kerberos.
We create users only with an username, without any other information,
especially without password.
Possible usernames are <username> or <username>@FU-BERLIN.DE. (where
<username> is defined by the zedat and created manually in Sakai)
We can login with an username and the correct password from Kerberos.
This already works!
Now we want Sakai to create a new user in the Sakai-database if she/he
is authentificated by Kerberos and not already (there) created.
We made some changes in the sakai.properties. Here they are:
provider.kerberos.auth.login.config=sakai-jaas.conf
#is default: provider.kerberos.krb5.conf=/etc/krb5.conf
provider.kerberos.showconfig=true
# requireLocalAccount at org.sakaiproject.user.api.UserDirectoryProvider
<mailto:requireLocalAccount at org.sakaiproject.user.api.UserDirectoryProvider>=false
# knownUserMsg at org.sakaiproject.user.api.UserDirectoryProvider
<mailto:knownUserMsg at org.sakaiproject.user.api.UserDirectoryProvider>="Integrity
check on decrypted field failed"
domain at org.sakaiproject.user.api.UserDirectoryProvider
<mailto:domain at org.sakaiproject.user.api.UserDirectoryProvider>="FU-BERLIN.DE"
Questions:
1) What do we have to do to make Sakai create users in the
Sakai-database (@login) if an user doesn't exists.
2) Is the message "Integrity check on decrypted field failed" correct?
Hope for your help!
Greetings from Berlin
Nicolas Lehmann
----------
TA Nicolas Lehmann
Freie Universität Berlin
Institut für Informatik
Takustr. 9, 14195 Berlin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-user/attachments/20130225/845cab72/attachment.html
More information about the sakai-user
mailing list