Table of Contents
Installation
Get the software
Git
cd [your-webroot]
git clone https://git-repo.iml.unibe.ch/iml-open-source/login-aai.git login_aai
cd login_aai
Manual steps
- Download the archive https://git-repo.iml.unibe.ch/iml-open-source/login-aai/-/archive/main/login-aai-main.zip (archive formats tar.gz, tar.bz2 and tar are available too).
- In the webroot create a subfolder “login_aai”.
- Extract the files of the archive there.
Filestructure
This is the filestructure you get:
.
├── Readme.md
├── classes
│ :
├── config.php.dist <<< config template
├── docs
│ :
├── functions.js
├── inc_functions.php
├── index.php
├── lang <<< folder with translation files (Json)
│ :
├── login_aai.css
├── mode <<< Views
│ ├── boxes
│ │ ├── index.php
│ │ └── screen.css
│ ├── list
│ │ :
│ └── wayf
│ :
├── screen.css
└── screen_custom.css.dist
Bring it up
Steps
- Copy config.php.dist to config.php and make your changes. See chapter Configuration.
- Do NOT protect this folder with Shibboleth that it can be accessed anonymous
- Set a Link for Login to
/login_aai/where needed - For local development see the pade “Development”
File permissions
- The webserice needs read access.
- The class creates a cachefile “discofeed.json”. If there is no write permission in the appfolder then configure another directory with write permissions.
Notes
The web ui offers just a frontend for your visitors to link multiple organisations.
That the logins at another IDP work you still need to
- Create a Service provider on your AAI Federation
- Configure Shibboleth and whitelist the wanted IDPs
- For access from other federations (countries):
- You and your partner need to enablle EDUGAIN.
- The parter IDP must enable the domain of your website
Links: