Atlas Auth Portal 1.3.x Release Configuration

Print Friendly and PDF Follow

This article contains instructions for updating existing installations of the Atlas Auth Portal to newly released versions. For information on performing a new install of the Atlas Auth Portal, see Using an Authentication Portal Landing Page.

Version 1.3.2 Update | Version 1.3.1 Update | Version 1.3.0 Update

Version 1.3.2 Update

Atlas Auth Portal version 1.3.2 was released on May 16th, 2023. This release includes several changes to the session cookie generated by the Atlas Auth Portal upon login that will allow Aeon to persist the user's login when placing requests through the portal from an external website (i.e., from a website outside of the Aeon web pages, such as a library catalog or finding aid) in some instances.

Warning!

Auth Portal 1.3.2 requires .NET Framework 4.7.2 or greater, which is higher than the minimum .NET framework version required by the Aeon Server. Please ensure that the upgraded version of this component is installed on the Aeon Server prior to upgrading to/installing Atlas Auth Portal v1.3.2. You must be on Aeon v5.2 to use the new features included in Atlas Auth Portal v1.3.2.

Changes to Login Persistence 

After updating to Atlas Auth Portal version 1.3.2, the session cookie generated by the Atlas Auth Portal upon login will now include SameSite and Secure properties that will allow Aeon to persist the user's login when placing requests through the portal from an external website in most instances. By default, these properties will be set differently depending on the type of connection used by the external website:

  • When a user places a request from an external website using HTTPS:
    • The SameSite property on the session cookie will be set to None and the Secure property set to True allowing currently logged-in Aeon users to skip the Atlas Auth Portal login page when placing the request
  • When a user places a request from an external website using HTTP: 
    • The SameSite property on the session cookie will be set to Lax and the Secure property set to False allowing currently logged-in Aeon users to skip the Atlas Auth Portal login page when placing the request only if the external website is under the same domain as the Aeon web pages. If the external website is not under the same domain, then the user will need to log back into the Aeon system to place the request.
The default SameSite property values that are set on the session cookie as described above can be altered by editing the Atlas Auth Portal's web.config file but is not recommended in most cases. For more information, see Overriding the Default Session Cookie SameSite Attributes in the Using an Authentication Portal Landing Page article.

Update Instructions

To implement these changes, please follow the instructions below:  

  1. Download the Atlas Auth Portal files.
  2. Right-click and unzip download.
  3. Replace the current AtlasAuthPortal Bin files with the version 1.3.2 files in the Bin folder. Default location: C:\inetpub\wwwroot\aeon\AtlasAuthPortal\Bin.

Version 1.3.1 Update

When adding a key for an AuthType in the Web.Config file, two new specifiers ({$QueryString} and {$EncodedQueryString}) are now supported to help designate where the URL query parameters will be inserted into the target URL. 

  • {$QueryString} - inserts the query parameters as they are submitted.
  • {$EncodedQueryString} - URL-encodes the query parameters before inserting them.

To use these, add the specifiers to the target URL in Web.Config. For example:

<add key="RemoteAuth" value="https://shibdomain.com/Shibboleth.sso/Login?entityID=https%3A%2F%2Fsamltest.id%2Fsaml%2Fidp&amp;target=https%3A%2F%2Fdomain.edu%2Fremoteauth%2Faeon.dll%3F{$EncodedQueryString}" />

In the example, the target URL is a Shibboleth server which will redirect to the Aeon server (whose address is passed as the target parameter). The URL of the Aeon server is URL-encoded within the target parameter. The query parameters must also be URL-encoded in order for the Aeon server to receive them correctly.

Version 1.3.0 Update

The Atlas Auth Portal version 1.3 was released on June 2nd, 2020. This release includes several changes in an effort to mitigate the risk of potential redirect vulnerabilities. For details regarding the changes, see Using an Authentication Portal Landing Page. To implement these changes, the release requires some modifications to the index.cshtml and web.config files. The release includes the following changes: 

  • The redirectUrl parameter has been replaced with the authType parameter. The default pages accept the authType values of AtlasAuth and RemoteAuth. 
  • The RedirectUrlCookieName setting has been removed and replaced with the AuthTypeCookieName which defaults to AtlasAuthType.

To implement these changes, please follow the instructions below: 

1. Update the Atlas Authentication Portal Bin Files 

  1. Download the Atlas Auth Portal files.
  2. Right-click and unzip download.
  3. Replace the current AtlasAuthPortal Bin files with the version 1.3 files in the Bin folder. Default location: C:\inetpub\wwwroot\aeon\AtlasAuthPortal\Bin.

2. Index.cshtml Changes

  1. Open file explorer and navigate to the web directory: C:\inetpub\wwwroot\aeon\AtlasAuthPortal\Views\Portal.
  2. Right-click and open the index.cshtml file in your preferred code editor (e.g., Notepad ++, Visual Studio Code).
  3. Edit the redirectUrl parameter value to match the authType value in the web.config file. 
    • Note: The name of the input parameter has been changed from "redirecturl" to "authType".

      WebConfig.png

3. Web.Config Changes

  1. Open file explorer and navigate to C:\inetpub\wwwroot\aeon\AtlasAuthPortal.
  2. Right-click and open the web.config file in your preferred code editor (e.g., Notepad ++, Visual Studio Code)
  3. Add the following key: 
    <add key="AuthTypeCookieName" value="AtlasAuthType"/>
  4. Edit the AuthTypeCookieName value with the AuthType used if the value if different from the default. The accepted values are AtlasAuth and RemoteAuth.

    AuthTypeKey.png
  5. Add the following key(s) depending on your authentication type:
    <add key="AtlasAuth" value="https://youruniversity.edu/aeon/aeon.dll?"/>
    <add key="RemoteAuth" value="https://youruniversity.edu/?"/>
  6. Edit the default placeholder(s) with your redirect target URL value(s).

    RedirectURLKey.png

Questions?

If this article didn’t resolve your issue, please contact Atlas Support for assistance:

Contact Support