Open antolinos opened 4 years ago
Could this be potential used for other authentication system other than ldap? For example, a user might have a different username when using OpenID
Might be. We use LDAP, DB and openID and we have not needed these parameters. However, we would like to enrich the metadata of a user with extra information. Status of the safety training is one of them.
Out of curiosity in all those systems is the user using the same username?
Not in my case.
@dfq16044,
Could this be potential used for other authentication system other than ldap? For example, a user might have a different username when using OpenID
You want to deal with the case that one single user may have different ways to authenticate, such as LDAP and OpenID and you want to always map them to the same user in ICAT, independently of which authentication the user chose, did I understand you correctly? This needs to be solved in the authentication plugin: on successful authentication, the plugin returns a name and the user object having that name attribute will be associated with that login session. It is common practice to configure authentication plugins such that they add a prefix to the name, just to avoid that different plugins may map to the same ICAT user, but this is not required. The best option to solve this, however, would be to deploy a single sign-on plugin that handles all the different authentication methods and is able to properly match the user.
In any case, this unrelated to this issue.
Yes that was the case. I agree with you the best option would be a single sign-on but not sure if all facilities are using it. The idea was that if you don't have single sign-on, you could potentially use the UserParameter.
Today the amount of metadata that can be associated with a user is limited and the fields are basically: name, fullName, email, orcid.
It would be great to enrich the metadata of a user.
I don't know what will be be the best implementation but I would suggest from my ignorance to add a new entity called UserParameter
UserParameter A parameter associated with a user
Uniqueness constraint user, type
Other fields: