Authentication questions

9 views
Skip to first unread message

Joyner Library

unread,
May 15, 2026, 8:12:55 AM (3 days ago) May 15
to DSpace Technical Support

DSpace Community,

My school is interested in changing authentication methods. We are currently using LDAP authentication and want to move to SSO through SAML authentication. The netid field in the database uses a person’s username rather than the full email address. SSO expects a person’s full email address.

I have a test instance of DSpace installed and plan on testing update scripts to add the full email address to the netid. Have other institutions faced a similar problem? Do you have a better recommendation? I was thinking about stripping the email address out during sign on but haven’t looked into the java needed to do that string manipulation.

Under LDAP we created a group to prevent public downloading of some documents.

authentication-ldap.login.specialgroup

Will new users added through SSO be part of that group? I didn’t see a similar group setting for SAML or shibboleth.

Thank you,
Nick

Reply all
Reply to author
Forward
0 new messages