Shibboleth + SQLDirectory + Users Creation


I'm trying to figure what is happening when using Shib authentification. The point is : how a Shibb authentification can create automagically the user into “users” table ?

Example :

  1. the user ask a nuxeo resource
  2. not currently authenticated, the user is redirected to the WAYF then its IDP and if everything Okay to the resource.
  3. At this time, we can imagine two usecase (from here I'm not really sure, correct me please)) :
  4. a– the user exists in the LDAPDirectory : everything okay, privilege granted to the resource ;
  5. b– the user try its chance using the SQLDirectory : no entry into users table –> Fails

The Shibb plugin doesn't create any account …

Optional questions :

  • how the order between the SQLDirectory / LDAPDirectory is decided ?
  • the creation doesn't happen due to permissions denied ? database rights ? me ? :/

thanks Kahlua

0 votes

0 answers