No Access to Projects when logging into AAF #4
Comments
|
Hi, were you able to figure this out? |
|
Nope.
I built a vanilla server with literally nothing else on it apart from XNAT to make sure it wasn’t some weird configuration I and it still wouldn’t work. Had to give up in the end - no response from anyone after first comment.
Are you having the same issue?
[EXXA Managed IT Services]<https://exxa.tech/>
On 10 Dec 2019, at 10:57 am, govin2000 <[email protected]<mailto:[email protected]>> wrote:
Hi, were you able to figure this out?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub<#4?email_source=notifications&email_token=AHRXTBIVPHWIKYTKQLWRAETQX3SP3A5CNFSM4G2YHYD2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEGLHZGA#issuecomment-563510424>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AHRXTBI4WEFGX46WFTCBYH3QX3SP3ANCNFSM4G2YHYDQ>.
|
|
Hey I opened a new issue which I think is probably related: #5 |
|
Hi There, Anyway, we have fixed this issue with an updated plugin. You can read full documentation here with a link to new plugin repository. This has been tested on Xnat 1.7.6. https://australian-imaging-service.github.io/charts/operations/AAF-Integration.html Thanks, Alastair |
Hey Alastair, Thank you very much for this. I have tested your fork against a local instance of keycloak and it seem to work perfectly so far! |
Hi there,
I installed your plugin and can login - looks good and works great so thank you - except...
I can't access the projects - this is the error I get.
I am an admin so have complete access to everything. Doesn't matter if I approve permissions or specifically add my user in the Project Access section I can't access. Tried logging off and on again, no joy.
If I add a new project I can access everything again until I log out. I can also access data / scans directly by selecting data from the Browse dropdown instead of Projects. Very strange. The only thing I can find in the logs is this:
org.nrg.xnat.security.XnatProviderManager - The provider ID openid is enabled, but there is no configured definition for that ID
My openid-provider.properties (I removed the secrets and siteURL)
auth.method=openid
type=openid
provider.id=openid
visible=true
auto.enabled=true
auto.verified=true
Name displayed in the UI
name=OpenID Authentication Provider
Toggle username & password login visibility
disableUsernamePasswordLogin=true
List of providers that appear on the login page, see options below.
enabled=aaf
Site URL - the main domain, needed to build the pre-established URL below.
siteUrl=
preEstablishedRedirUri=/openid-login
AAF OpenID
openid.aaf.accessTokenUri=https://central.aaf.edu.au/providers/op/token
openid.aaf.userAuthUri=https://central.aaf.edu.au/providers/op/authorize
openid.aaf.scopes=openid,profile,email
openid.aaf.link=
To sign-in using your AAF credentials, please click on the button below.
Flag that sets if we should be checking email domains
#openid.aaf.shouldFilterEmailDomains=true - This will probably need to be changed when we go live###
openid.aaf.shouldFilterEmailDomains=false
Domains below are allowed to login, only checked when 'shouldFilterEmailDomains' is true
openid.aaf.allowedEmailDomains=
Flag to force the user creation process, normally this should be set to true
openid.aaf.forceUserCreate=true
Flag to set the enabled property of new users, set to false to allow admins to manually enable users before allowing logins, set to true to allow access right away
openid.aaf.userAutoEnabled=false
Flag to set the verified property of new users
openid.aaf.userAutoVerified=true
Property names to use when creating users
openid.aaf.emailProperty=email
openid.aaf.givenNameProperty=name
openid.aaf.familyNameProperty=deliberately_unknown_property
Any help gratefully received.
Thanks,
Alastair Ferguson
The text was updated successfully, but these errors were encountered: