No Terms of Use when using Shibboleth

[alrb]

When using Shibboleth as authentication service new users don't see the Terms of Use. In local.py ACCOUNT_TERMS_OF_USE is set to True. Is this the intended behaviour or am I missing something?

[jochenklar]

Hi, right now ACCOUNT_TERMS_OF_USE is not supported for Shibboleth (or LDAP), since no new personal data is entered by the user. The main motivation for the terms of use feature was the GDPR-mania last year. We might change that in the future, but it is not straight forward because of the libraries we use for Shibboleth.

[m6121]

Hi, we do also need to use terms of use in combination with LDAP. As far as I have seen, these are still implemented for the sign-up process only. From an interface perspective, we would like to require users to accept the terms of use at their first login. If, however, they do not accept, no account will be created and they can not use the tool. At least for the LDAP authentication, we can help implementing this feature.

[johlton]

Hi, same requirement here for LDAP. Is there any community work in progress we could contribute to?

[m6121]

Hi @johlton, we did not yet worked on this issue.

[jochenklar]

In the meeting on 2023-02-23, we discussed that the best way to deal with this is probably a new custom middleware, which checks for the user if the consent flag is set, and if not, to redirect to a page where it can be set.

[jochenklar]

This needs to be postponed again.