...
The following are instructions for adding DistAuth login to Sakai 1.5 and 2.0 (This is assuming one login page that is protected by DistAuth, version 1 below)
Sakai 1.5
1. Add the following params to the ..\Tomcat 5.0\conf web.xml to declare the DistAuth Filter and mapping.. Basically these are configurable pieces that not everyone will need, but we should put them in. ProtectionLevel is most important (2 is default, 3 is AFS)
<filter>
<filter-name>ucdfilter</filter-name>
...
<url-pattern>/tunnel/sakai-chef-tool/authn/*</url-pattern>
</filter-mapping>
2. Rebuild chef-tools module in Sakai (or full Sakai if you haven't made significant changes). Redeploy to Tomcat?just copying the WAR file doesn't seem to be enough. Verify that the source codes being changed are indeed modified at the Tomcat level. I have not found a maven goal that does this specifically..
3. Add top.login=false and container.auth=true to the sakai.properties file (this will turn off the password field on the login page)
4. Restart Tomcat: test that when you hit login (you shouldn't be localhost, use your IP so that the domain cookie is set correctly and can be seen), that the form that has the "DistAuth log in" button is there. When you click this button, you should be taken to DistAuth. Check error logs for the debugging code that I have in Cookies/Filters, etc.
Sakai 2.0
1. Add the following params to the ~[CurrentSakaiInstall]\login\login\src\webapp\WEB-INF\web.xml to declare the DistAuth Filter and mapping.. Basically these are configurable pieces that not everyone will need, but we should put them in. ProtectionLevel is most important (2 is default, 3 is AFS)
<webapp>
..
<filter>
<filter-name>sakai.request</filter-name>
<filter-class>org.sakaiproject.util.RequestFilter</filter-class>
</filter>
<filter>
<filter-name>sakai.request.container</filter-name>
<filter-class>org.sakaiproject.util.RequestFilter</filter-class>
<init-param>
<param-name>tool.placement</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>remote.user</param-name>
<param-value>false</param-value>
</init-param>
</filter>
<filter>
<filter-name>ucdfilter</filter-name>
<filter-class>edu.ucdavis.security.distauth.AuthenticationFilter</filter-class>
...
<listener>
<listener-class>org.sakaiproject.util.ToolListener</listener-class>
</listener>
..
</webapp>
2. Rebuild Sakai (or full Sakai if you haven't made significant changes). Redeploy to Tomcat?just copying the WAR file doesn't seem to be enough. Verify that the source codes being changed are indeed modified at the Tomcat level. I have not found a maven goal that does this specifically..
3. container.login=true to the sakai.properties file (this will turn off the password field on the login page, located at ..[TomcatInstall]\sakai)
4. Restart Tomcat: test that when you hit login (you shouldn't be localhost, use your IP so that the domain cookie is set correctly and can be seen). When you click the "Login" link on the portal, you should be taken to DistAuth. Check error logs for the debugging code that I have in Cookies/Filters, etc.
Screenshots are provided for 2 1 version-s- (based on REQUIREMENTS, we are only doing number 2):
1. ) Dist Auth login and login buttons appear on site Login. Each will take you to a different location to authenticate.
2. ) One Login button replaces username and password form boxes on the site Login, takes you to a central login for both DistAuth and Sakai admin.