1: \label{Domain_Configuration_LangTZAuth}
2: Prior to LON-CAPA 2.7, default language and authentication type/argument
3: were defined in the domain's entry in the domain.tab file. Those settings
4: will continue to be used by servers in your domain until you have
5: displayed and saved the Default authentication, language, timezone data
6: table. Once that has been done, whenever values need to be determined
7: for these settings in the domain they will be retrieved from the configuration.db
8: file on the primary library server in your domain, which is where
9: information saved from the {}``Domain Configuration'' data tables
10: is stored. Any information in the domain.tab file will no longer be
11: consulted, except by servers running pre-2.7 versions of LON-CAPA.
12:
13: \textbf{Default domain configurations} can be assigned for:
14:
15: \begin{itemize}
16: \item \textit{default language} used by users in your domain, unless overridden by
17: a user preference
18: \item \textit{default authentication type} for new users in the domain. You will
19: need to set the default authentication if you intend to allow a user
20: to create a LON-CAPA account if the user successfully authenticated
21: via a central service at your institution (e.g., Kerberos), but is
22: without a LON-CAPA account. The default authentication is also the
23: default offered when Course Coordinators or Authors create new accounts,
24: assuming user creation is permitted in these contexts.
25: \item \textit{default timezone} - this will be the timezone used when showing any
26: times in your domain, unless overridden at a course level, by a course-wide
27: timezone. The timezones available are mostly in the form Continent/City,
28: although for the USA there are some in the form America/State/City
29: as well as EST5EDT, CST6CDT, MST7MDT, PST8PDT and HST (for Eastern,
30: Central, Mountain, Pacific and Hawaii Timezones, which adjust for
31: daylight savings as appropriate). If no default timezone is set times
32: will be displayed according to the timezone of the server hosting
33: the user's LON-CAPA session.
34: \item \textit{portal/default URL} - starting with LON-CAPA 2.10, a default URL can
35: be specified. This URL will be included in e-mail sent to confirm self-enrollment etc.
36: and might be for a load-balancer LON-CAPA server, or in the case of a multi-domain server,
37: for a specific alias used for the domain.
38: \end{itemize}
39:
40: \textbf{Domain settings for internal authentication} can also be set via the same screen.
41:
42: \begin{itemize}
43: \item \textit{Encryption cost for bcrypt} (positive integer). Starting with 2.11.2,
44: bcrypt is used to encrypt the password for an internally authenticated user.
45: The complexity of the encryption is determined by the bcrypt cost value. A higher
46: value means more complexity (and more time to validate a user's password). The
47: cost needs to be a positive integer. If no value is set in a domain, a default
48: of 10 will be used.
49: \item \textit{Check bcrypt cost if authenticated}. When an internally authenticated user
50: logins and the credentials are validated, the bcrypt cost used for the original
51: encryption can be compared with the current domain default. If the cost for
52: the stored encryption is less than the current domain setting, there are two
53: options - either allow login and update the stored encryption using the higher cost,
54: or disallow login. The default is not to compare the original cost with the
55: current domain setting.
56: \item \textit{Existing crypt-based switched to bcrypt if authenticated}. When an internally
57: authenticated user logs-in and the credentials are validated, if the stored
58: credentials are currently encrypted with crypt, there is an option to update
59: the stored encryption to use bcrypt, with or without backing-up the existing passwd
60: file to a passwd.bak file. The default is not to update the stored passwd file,
61: so existing users who have crypt-based stored passwords will continue to do so
62: until such time as they change their password.
63: \end{itemize}
64:
65: \textbf{Institutional user types} can also be defined for the domain via the same screen.
66:
67: Prior to LON-CAPA 2.11, institutional user types were defined in the \&inst\_usertypes
68: subroutine in localenroll.pm, which would be customized for consistency with types
69: defined in institutional data feeds. Setting of user types via the Domain Configuration
70: web GUI supersedes use of localenroll::inst\_usertypes(). Items that can be set are:
71:
72: \begin{itemize}
73: \item \textit{Internal ID} (e.g., faculty)
74: \item \textit{Name Displayed} (e.g., Faculty/Academic Staff)
75: \item \textit{Order} (Listing order, 1 through N, when the type is to be selected from a list).
76: \item \textit{Assignment to ``email-based'' usernames} Whether status type can also be assigned to a non-institutional user with an e-mail address as username
77: \end{itemize}
78:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>