Annotation of loncom/html/adm/help/tex/Domain_Configuration_Login_Page.tex, revision 1.10
1.1 raeburn 1: \label{Domain_Configuration_Login_Page}
1.10 ! raeburn 2:
! 3: \textbf{Log-in Service}
! 4:
1.4 raeburn 5: If your domain has more than one server you have the option to configure whether
1.7 raeburn 6: any of the servers will redirect to another server whenever the log-in page is requested. This can be useful if you maintain a portal or ``Load Balancer'' server which
1.4 raeburn 7: forms your institution's gateway to LON-CAPA. You can specify the path to which
8: the user should be redirected, and also whether log-in page requests from specific
9: IP addresses should be exempt from the redirection. The exemption is useful
10: if you run a monitoring script which tests log-in, course display, and logout periodically for each of your LON-CAPA servers.
11:
1.10 ! raeburn 12: \hfill{}
! 13:
! 14: \textbf{Log-in Page Items}
! 15:
1.4 raeburn 16: If your domain only has one LON-CAPA server, or you have multiple servers and will
17: display their log-in pages, their appearance can be customized as follows:
1.1 raeburn 18:
19: \begin{itemize}
1.2 raeburn 20: \item uploading custom image files
1.1 raeburn 21: \item changing colors of text, links or backgrounds
1.2 raeburn 22: \item enabling/disabling display of specific links
1.1 raeburn 23: \end{itemize}
24: Logos displayed in the login page configuration table are scaled down
25: from the full size used in the login-page itself.
26:
27: \hfill{}
28:
29: \noindent The following elements are configurable:
30:
31: \begin{itemize}
32: \item Header image at the top of the page
1.2 raeburn 33: \item Main Logo centered in the upper part of the main panel
1.1 raeburn 34: \item Domain logo in the lower left corner of the main panel
1.8 raeburn 35: \item Header above the login panel - can also be set to use text ``Login''
36: instead of an image.
1.2 raeburn 37: \item Background colors for the page itself, the main panel, and the left
1.1 raeburn 38: (side) panel.
39: \item Text color used for text on the page
1.5 raeburn 40: \item Text colors used for active, visited and unvisited links
1.9 raeburn 41: \item Enable/disable display of four links:
1.1 raeburn 42:
43: \begin{itemize}
1.3 bisitz 44: \item Course/Community Catalog, for a catalog of courses and communities
1.2 raeburn 45: \item Admin E-mail, for the e-mail address of the administrator
1.5 raeburn 46: \item Contact Helpdesk, to display a web form used to submit a help request
1.2 raeburn 47: \item New User, for users to create their own accounts
1.1 raeburn 48: \end{itemize}
49: \item Default colors for links in the page, depending on status: either
50: active, visited or default (if neither apply).
51: \end{itemize}
1.5 raeburn 52:
53: \hfill{}
54:
1.9 raeburn 55: A ``Log-in Help'' link will be displayed immediately above any of the four optional links:
56: Catalog, Contact Helpdesk, Admin Email, and New User. Configuration options determine to which
1.5 raeburn 57: file(s) the ``Log-in Help'' points. The default file can be replaced with a custom HTML file
58: containing information pertinent to your institution. In addition, versions of the custom
59: file, translated into the twelve languages supported by LON-CAPA can be uploaded, and the
60: link will automatically point to the appropriate (localized) file, depending on the viewer's
61: language preference (as reported by the client web browser).
62:
63: \hfill{}
64:
1.10 ! raeburn 65: \textbf{Log-in Help}
! 66:
1.5 raeburn 67: Where the ``Contact Helpdesk'' web form is in use it can be configured to include a CAPTCHA
68: mechanism to discourage robotic form completion. There are two types of CAPTCHA to choose
69: from -- the ``original'' CAPTCHA which uses a self-contained perl module included with the
1.6 raeburn 70: LONCAPA prerequisites, or ReCAPTCHA, which uses an external web service --
1.5 raeburn 71: https://google.com/recaptcha -- and requires you to create an account and generate public
72: and private keys which will be entered in the domain configuration form. If you have more
73: than one server in your domain, you should request ``global'' keys, as the same keys will be
1.9 raeburn 74: used by the Contact Helpdesk ReCAPTCHA on all servers in your domain. If using ReCAPTCHA, you
75: can indicate whether version 1 or 2 should be used.
1.7 raeburn 76:
77: \hfill{}
78:
1.10 ! raeburn 79: \textbf{Custom HTML in document head}
! 80:
1.7 raeburn 81: The head portion of the log-in page may contain custom mark up (e.g., a script block containing
82: javascript for page analytics) in a file which will be uploaded and published public.
83: Different custom markup may be uploaded for each server in a domain, and a comma separated list
84: of IP addresses may be specified for which the custom markup will not not be included in the page,
85: when the request for the log-in page originates from one of those addresses. A use case for the
86: exempt IP addresses is where robotic requests for the log-in page and made from a monitoring
1.10 ! raeburn 87: machine, used to detect when a LON-CAPA server is not working correctly.
! 88:
! 89: \hfill{}
! 90:
! 91: \textbf{Dual login: SSO and non-SSO}
! 92:
! 93: For a LON-CAPA node configured to support Single Sign On (SSO), e.g., by operating as a Shibboleth SP,
! 94: entries in Apache config files (loncapa_apache.conf, if Shibboleth) will cause display of an SSO login page
! 95: when a user without a current LON-CAPA session accesses /adm/roles. If, instead, it is preferred
! 96: to display /adm/login configured to offer dual SSO log-in (e.g., Shibboleth), and non-SSO login
! 97: (i.e., LON-CAPA), that can be set using the ``Dual login: SSO and non-SSO options'' section.
! 98:
! 99: Check the ``Yes'' radio button for each of the domain's servers which will offer dual login check "Yes" and then set:
! 100:
! 101: \begin{itemize}
! 102: \item SSO: Text, Image, Alt Text, URL, Tool Tip
! 103: \item non-SSO: Text
! 104: \end{itemize}
! 105:
! 106: The value in the URL field will be /adm/sso for Shibboleth, and the image will be for a button to be clicked
! 107: to load /adm/sso to prompt for SSO login. The alt and title attributes for the button can also be set.
! 108:
! 109: With this in effect the LON-CAPA login page /adm/login will display the following:
! 110:
! 111: \begin{itemize}
! 112: \item Log-in type:
! 113: Immediately followed by the text for either SSO, or non-SSO login, as entered in the ``Dual login: SSO and non-SSO options''
! 114: textboxes for SSO and non-SSO.
! 115:
! 116: \item Change?
! 117: A link below the ``Login type:'' line which can be used to toggle between the SSO and non-SSO logins
! 118:
! 119: \item Button (SSO) or Log-in box (non-SSO)
! 120:
! 121: \begin{itemize}
! 122:
! 123: \item SSO - an image (i.e., clickable button) which as uploaded in the SSO option item, with alt text, and a tool tip
! 124: shown when hovering over the button.
! 125:
! 126: \item Non-SSO - standard LON-CAPA login box for username, password, domain and "Log In" button.
! 127:
! 128: \end{itemize}
! 129:
! 130: \end{itemize}
! 131:
! 132: If the SSO service is something other than Shibboleth (e.g., CAS or Sentinel) and the PerlVar lonOtherAuthenUrl has
! 133: been set to a preferred URL (e.g., /adm/sentinel), then the URL item in the SSO entry in the dual login options
! 134: should be set to that preferred URL also.
! 135:
! 136: Note: if the original page request by an unauthenticated user included a query string with any of the following items:
! 137: role, symb, and linkkey, then they will be stored in a token file on the server, for access later to support deep-linking.
! 138: Similarly, if the query string contained an ltoken item from successful launch from an LTI Consumer, where LON-CAPA is the LTI Provider,
! 139: and for that Consumer LON-CAPA is not configured to accept user information, and the destination is a deep-link URL:
! 140: /tiny/domain/uniqueID, then the LTI number, type (c or d), and tiny URL will be saved as the linkprot item in a token file.
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to Domain_Configuration_Login_Page.tex CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / html / adm / help / tex