Sign in process
CORE uses federated login to authenticate users. After a user is successfully authenticated CORE checks the local user database to see if the user exists. It then loads all the user data (user role, presentations by this user, submissions by this user etc.) and persists the user in a session. See diagram for a complete overview.
Configuration
SimpleSAML can be configured in application/configs/application.ini
Config value |
Description |
---|---|
|
What is the location of your SimpleSAML installation |
|
The name of the authentication source |
|
The unique identifier used to identify a user. |
|
Federated attribute for first name |
|
Federated attribute for last name |
|
Federated attribute for organization name |
|
Federated attribute for email address |
|
Federated attribute for country |
|
Log SimpleSAML attributes upon every login attempt |
User roles
The following user roles are defined.
- Guest (not authenticated)
- User (inherits from guest)
- Submitter (inherits from user)
- Presenter (inherits from user)
- Reviewer (inherits from user)
- Chair (inherits from user)
- Admin