[Pkg-owncloud-commits] [owncloud-doc] 11/40: updates to shibboleth page

David Prévot taffit at moszumanska.debian.org
Thu Dec 17 19:22:14 UTC 2015 

This is an automated email from the git hooks/post-receive script.

taffit pushed a commit to annotated tag v8.2.2RC1
in repository owncloud-doc.

commit 68b2a7f56f7d42b737fbefd7cb4282552ba44afc
Author: Carla Schroder <carla at owncloud.com>
Date:   Thu Nov 19 11:52:55 2015 -0800

    updates to shibboleth page
---
 .../user_auth_shibboleth.rst                       |  84 ++++++++++-----------
 admin_manual/images/shib-gui2.png                  | Bin 0 -> 12385 bytes
 admin_manual/images/shib-gui5.png                  | Bin 35247 -> 70565 bytes
 admin_manual/images/shib-gui6.png                  | Bin 0 -> 43939 bytes
 4 files changed, 38 insertions(+), 46 deletions(-)

diff --git a/admin_manual/enterprise_user_management/user_auth_shibboleth.rst b/admin_manual/enterprise_user_management/user_auth_shibboleth.rst
index 1535c3e..6dcd21e 100644
--- a/admin_manual/enterprise_user_management/user_auth_shibboleth.rst
+++ b/admin_manual/enterprise_user_management/user_auth_shibboleth.rst
@@ -9,19 +9,29 @@ The ownCloud Shibboleth user backend application integrates ownCloud with a
 Shibboleth Service Provider (SP) and allows operations in federated and 
 single-sign-on infrastructures. Setting up Shibboleth has three steps:
 
-1. Create the appropriate Apache configuration
-2. Enable the Shibboleth app
-3. Enable Shibboleth on your ownCloud admin page
+1. Create the appropriate Apache configuration.
+2. Enable the Shibboleth app.
+3. Map Shibboleth environment variables to ownCloud attributes.
 
 Currently supported installations are based on the `native Apache integration`_ 
 . The individual configuration of the service provider is highly dependent on 
 the operating system, as well as on the integration with the Identity 
 Providers (IdP), and require case-by-case analysis and installation.
 
-The ownCloud Desktop Client and mobile clients can interact with an 
+The ownCloud Desktop Client can interact with an 
 ownCloud instance running inside a Shibboleth Service Provider by using built-in 
 browser components for authentication against the IdP.
 
+The regular ownCloud Android and iOS mobile apps do not work with Shibboleth.
+However, customers who create 
+:doc:`branded mobile apps with ownBrander 
+<../enterprise_clients/creating_branded_apps>`
+have the option to enable SAML authentication in ownBrander.
+
+Enterprise customers also have the option to request a regular ownCloud 
+mobile client built to use Shibboleth from their ownCloud account 
+representatives.
+
 The ownCloud desktop sync client and mobile apps store users' logins, so 
 your users only need to enter their logins the first time they set up their 
 accounts. These screenshots show what the user sees at account setup. Figure 1 
@@ -30,6 +40,7 @@ shows a test Shibboleth login screen from
 sync client.
 
 .. figure:: ../images/shib-gui1.png
+   :alt: First client login screen.
 
    *figure 1: First login screen*
    
@@ -38,6 +49,7 @@ server and login information just like it does for any other ownCloud server
 connections.
 
 .. figure:: ../images/shib-gui4.png
+   :alt: The ownCloud client shows which server you are connected to.
 
    *figure 2: ownCloud client displays server information*
    
@@ -161,51 +173,31 @@ Further Shibboleth specific configuration as defined in
 	  require valid-user
 	</Location>
 
-Application Configuration
--------------------------
-
-After installing and enabling the Shibboleth application there are three 
-configuration variables to set up, depending on the data sent back by the 
-IdP. The configuration is stored in ``apps/user_shibboleth``.
-
-.. code-block:: php
-
-	namespace OCA\user_shibboleth {
-	        const SHIB_SESSION_ID = 'Shib-Session-ID';
-	        const SHIB_EPPN = 'eppn';
-	        const SHIB_EMAIL = 'eppn';
-	        const SHIB_DISPLAY_NAME = 'eppn';
-	}
-
-
-+---------------------+--------------------------------------------------------+
-| Parameter           | Description                                            |
-+---------------------+--------------------------------------------------------+
-| SHIB_SESSION_ID     | This constant defines the name of the environment      |
-|                     | variable holding the Shibboleth session id.            |
-+---------------------+--------------------------------------------------------+
-| SHIB_EPPN           | This constant defines the name of the environment      |
-|                     | variable which holds the EPPN (eduPersonPrincipalName).| 
-|                     | This is the unique user identifier.                    | 
-+---------------------+--------------------------------------------------------+
-| SHIB_EMAIL          | The environment variable with this given name holds the|
-|                     | email address of the logged-in user.                   |
-+---------------------+--------------------------------------------------------+
-| SHIB_DISPLAY_NAME   | This constant defines the name of the environment      |
-|                     | variable holding the user's display name.              |
-+---------------------+--------------------------------------------------------+
-
-Enabling the Shibboleth App
----------------------------
-
-You must enable the Shibboleth app on your Apps page, and then check **Activate 
-Shibboleth** and click the **Save** button on your ownCloud Admin page. The 
-system information displayed on your Admin page may be useful for 
-troubleshooting; for example you can copy and include it on a support ticket.
+Enabling & Configurating the Shibboleth App
+-------------------------------------------
+
+You must enable the Shibboleth app on your Apps page, and then select the mode 
+you want Shibboleth to operate in from the dropdown on your Admin page, either 
+**Autoprovision Users** or **Single sign-on only**.
 
 .. figure:: ../images/shib-gui5.png
+   :alt: Shibboleth configuration screen.
+
+   *figure 3: Enabling Shibboleth on the Admin page*	
+
+In ownCloud 8.1 the Shibboleth variables were stored in 
+``apps/user_shibboleth/config.php``. This file was overwritten on upgrades. In 
+ownCloud 8.2 the variables are stored in the ownCloud database, so Shibboleth 
+is now automatically upgradeable.
+
+After installing and enabling the Shibboleth application there are four 
+Shibboleth environment configuration variables to map to ownCloud user 
+attributes.
+
+.. figure:: ../images/shib-gui6.png
+   :alt: Dropdowns for mapping Shibboleth environment configuration variables to ownCloud user attributes.
 
-   *figure 3: Enabling Shibboleth on the Admin page*
+   *figure 4: Mapping Shibboleth environment configuration variables to ownCloud user attributes*
 
 WebDAV Support
 --------------
diff --git a/admin_manual/images/shib-gui2.png b/admin_manual/images/shib-gui2.png
new file mode 100644
index 0000000..f2ee16a
Binary files /dev/null and b/admin_manual/images/shib-gui2.png differ
diff --git a/admin_manual/images/shib-gui5.png b/admin_manual/images/shib-gui5.png
index 703a4b2..69c38ec 100644
Binary files a/admin_manual/images/shib-gui5.png and b/admin_manual/images/shib-gui5.png differ
diff --git a/admin_manual/images/shib-gui6.png b/admin_manual/images/shib-gui6.png
new file mode 100644
index 0000000..58c562c
Binary files /dev/null and b/admin_manual/images/shib-gui6.png differ

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud-doc.git

More information about the Pkg-owncloud-commits mailing list