14 May 2025, 2:37

We have recently updated our SAML authentication method on our Institution. 

However it seems to have stopped us from Sharing Secret URL's.

Howard made a similar post a few years ago: https://mahara.org/interaction/forum/topic.php?id=9331&post36757

Although he is unaware of how it was fixed.

Does anybody have any idea how we can reactivate secret URLS for our no institute(mahara)? It is turned on at the site Level.

Thanks,

Michael

14 May 2025, 12:09

Hi Michael,

That does seem strange. The message is appearing because the system doesn't believe that public portfolios are allowed.

There are two configuration places to check:

'Allow public portfolios' setting in Admin -> Configure site -> Site options page under the Access settings section. This is the site wide controller.

And for the institution itself it can be found in the edit settings for the institution, via Admin -> Institutions -> Settings

where 'Public institution portfolios' setting is.

Both of those need to set to true for the message not to display.

I suspect when you added the SAML authentication you might have saved the institution settings form with 'Public institution portfolios' turned off.

Cheers

Robert

Yesterday, 2:33

Thank you for the reply Robert, However both of those places are currently set to allow public portfolios.

Well the site wide settings are allow Public Portfolios, But our instituition is the default Institution so it has no setting for Public Portfolios as this will take the site settings.

The only things I have changed recently are the Saml settings within the default Institution.

I have checked the config.php file and no settings are overriding the site settings reguarding public portfolios.

Any other ideas?

Thanks,

Michael 

Yesterday, 2:35

Sorry, to add to this.

The admin account is not affected by this. Just any user who has used SAML to log into the system.

Thanks,

Michael

Yesterday, 5:40

Hi Michael and Howard,

Did you check the database as suggested in the previous forum thread on this issue?

SELECT name, allowinstitutionpublicviews FROM institution;

And set the allowinstitutionpublicviews to 1 for the institutions you want to have public access allowed

---

Since you do mention that the admin account is not affected, I assume that th database has the correct setting. We have not come across this issue before. All I can think of is that a developer should set up SAML within 'No institution', but not rename the institution and check with an account that is connected via SAML and then change the institution name to something else to see if that makes a difference. I couldn't imagine why it would, but I can't test it myself.

However, you don't need to rename 'No institution'. In the SAML settings, you have the 'Instance name' at the very top when you configure SAML for an institution. The name you enter there is used for the login button.

Cheers

Kristina

Yesterday, 9:09

This is odd,

According to htdocs/view/urls.php the $allownew is checked based on some settings and one is the check for $USER->institution_allows_public_views()

And in the htdocs/auth/user.php file there is the public function institution_allows_public_views() and in that function there is a bit of  code:
if (empty($user_institutions)) {
    // user belongs to no institutions
    return true;
}

This should mean that one in the 'No institution' doesn't see that message.
So I'd investigate that function to make sure that the person in the 'No institution' is being treated correctly, that is they are actually in the No institution only.

Cheers

Robert

Today, 2:31

I can confirm it was the field in the Database.

Very strange that this was reverted back to false when we updated SAML, and that it wasnt picking up the site wide settings.

Thank you all for the help.