...
- Ability to invite federation users by their email address than their
eppn - Non-federation users can access sakai using Guest account. The guest account will be converted to federation account when s/he login using Shib IdP for the first time.
- If a user from Shibboleth federation is added to a site and has not been logged in to Sakai previously, a guest account (and password) will be created for the user.
- Since WebDAV clients cannot use Shibboleth, WebDAV access is authenticated separately using Sakai, e.g. the password are stored using
SAKAI_USERtable. No need to use or configure RADIUS/other authentication method. - Adding participant to site (Site Info -> Add Participants) only use one text box which can be used to add both guest and federation accounts by their email address. Rationale: users do not know who is in the federation or not.
...
Configure Sakai
Edit sakai.properties to enable container login and use xlogin to relogin.
| Code Block |
|---|
top.login=false container.login = true # Login icon (uses container auth) login.text=Federation Login login.icon=/library/image/aaf_login.png # Controls 2nd button (bypasses container auth) xlogin.enabled=true xlogin.text=Login Others login.use.xlogin.to.relogin = true nonOfficialAccountSectionTitle=Federation users and other users nonOfficialAccountLabel=Enter email address |
...