Open helmo opened 4 years ago
To summerize the slack channel openeuropa-authn:
Setting the server to use ecas.acceptance.ec.europa.eu made no difference.
eguskim:
I did find out a mention of registering applications before using the acceptance server here: https://webgate.ec.europa.eu/CITnet/confluence/display/IAM/TEST+and+ACCEPTANCE+environments I would suggest trying to contact the ecas team and explaining the problem since it seems to be an issue on their side more than on the client (our) side
In case your application is not having an europa.eu domain name (whatever level under europa.eu or ec.europa.eu would be ok), you need to go through the regular registration with ECAS team in order to authorize the use of ECAS by your application. Best recommended option is to use our Cloud9 service for drupal developers - it automatically provides you a URL for your development machine below a europa.eu domain and this means that your development environment will be automatically whitelisted for EU Login, webtools use, Europa websites banner and multiple other similar cases. In case you use your own development environment you will have to go through the process of whitelisting/authorizing your specific URL on each of those individual services. For ECAS the default authorization (in place for our Cloud9 service) allows a default access - in case you need a customized mode you will have in any case to go through the authorization process since this one allows to require variations (eg. access for social media users, access for limited users or with MFA or similar).
So you have 3 options: either go through the authorization process (more details on the ECAS Service documentation at https://webgate.ec.europa.eu/CITnet/confluence/display/IAM/TEST+and+ACCEPTANCE+environments), use our Cloud9 for development (automatic authorization) or use the ECAS mockup provided by the ECAS team (https://webgate.ec.europa.eu/CITnet/confluence/display/IAM/Mockup). We recommend usage of the Cloud9 we have and since ECAS is a service managed by a separate team, we cannot support the other 2 options - for them you will have to interact directly with the ECAS support, our team is offering only the ECAS client module.
Thanks @fbota, could you add a note to the README of this project about it. Maybe something along the lines of:
To use this authentication the site using it needs te be under the europa.eu domain, e.g. http://example.ec.europa.eu
In case you use your own development environment you will have to go through the process of whitelisting/authorizing your specific URL on each of those individual services.
See [CITnet/confluence](https://webgate.ec.europa.eu/CITnet/confluence/display/IAM/TEST+and+ACCEPTANCE+environments) for more information.
Hi,
After installing this module I get the following error:
Instead of example.com I'm using a functional domain name.
Is there a need to register this website first before it can be used with EU login? I didn't seen any references in the README.md