1 260
szerkesztés
Módosítások
a
→Automatic user creation
The module by default uses the username and e-mail address taken from the <code>$_SERVER</code> headers, see [[#Attribute settings]] right above. On new user creation a random password is generated. This can be overwritten by the user unless you [[#Disallowing password change|disallow it]] by the userprotect module.
{{NOTE_EN|if the user overwrites the password, she can log in with her username and the new password.}}
==== Using custom values ====
You may want to let your users to define their own Drupal usernames and e-mail addresses other than what was received from the IdP. If either ''User-defined usernames'' or ''User-defined e-mail addresses'' option is set, new users are presented a form to enter data at the first logon.
* User-defined e-mail addresses are not verified, only well-formedness is checked
}}
==== Working with federated identifiers ====
If you enable the option ''User-defined usernames'' in the module configuration, every new user is presented a form to specify a Drupal username. This way you can work with opaque (federated) identifiers such as <code>eduPersonTargetedId</code>, as long as it appears in the $_SERVER variable holding the username. The only limitation is that the federated identifier cannot be longer than 255 characters, however it can contain characters otherwise not allowed in Drupal account names (such as exclamation mark, etc).
==== Disallowing password change ====
If you don't want to let your users to change passwords and log in with it, you may want to disallow password change.
# At Administer -> Permissions -> userprotect module: uncheck '''change own password''' for ''authenticated user''
# Log in with a normal account, go to "My account" -> Edit. You shouldn't see the possibility for changing password; except for the case when the user has user administrator rights.
==== Administering Drupal with strict sessions ====
If you use strict sessions, you can not log in with a password. You need to grant your own user administrator rights to administer the CMS.
# Enable Shibboleth protection
# Login with your own credentials, you should have 'Administrator' rights now.
=== Dynamic role assignment ===
