Pope Tech: Scan Drupal Intranet Content

You can use Pope Tech to perform an automated accessibility check on Drupal pages that require UMN Shibboleth authentication in order to view them. For Google Sites, see Pope Tech: Scan Google Sites Intranet Content.

Note: Only data classified as public per the University data security classification policy may be scanned with Pope Tech.

Add a functional account to your website

  1. If you already have access to a UMN functional account, you can use that account and can skip to step 3.
  2. Request a functional account to use for Pope Tech testing with your website(s).
    1. On the request form, select the following:
      • Which OIM environment should the account be created in?
        • PRODUCTION (Account will be created in OIM PROD environment)
      • What access should be provisioned for this Functional Account?
        • Ldap (Lightweight Directory Access Protocol)
  3. Create an account on your website for the functional account you will use with Pope Tech.
    1. Select the role(s) needed to access your intranet content. 
      • This is likely the authenticated user role which will be selected by default when you create a new account, but you may need to select a custom role you have created on your website depending on your intranet implementation.

Set up authentication for your site within Pope Tech

Note: Add your website to Pope Tech first if you have not done so, and then return to complete the steps below. 

Initial Setup

  1. In the Website Settings, expand the Authentication Options accordion.
  2. Check the checkbox for Use Website Authentication?
  3. Leave the Authentication Type dropdown set to Cookie
  4. In the Login URL field, enter the full URL for the login path on your website, i.e. https://mysite.umn.edu/saml/login
  5. Check the checkbox for Use Advanced Authentication?
    • New fields to set up step 1 under a new Advanced Steps heading will appear.

Configure Advanced Authentication Step 1

  1. Leave the dropdown field for Step Action set to Type into input
  2. In the Element Selector (example: #myId) field, enter #username
  3. Do not check the checkbox for Is field a password?
  4. In the Input text field, enter the internet ID of the functional account that you will be using for testing your website with Pope Tech. Do not include @umn.edu.

Add and Configure Step 2

  1. Click the Add Step button. New fields for step 2 will appear.
  2. Leave the dropdown field for Step Action set to Type into input
  3. In the Element Selector (example: #myId) field, enter #password
  4. Check the checkbox for Is field a password?
  5. In the password field, enter the UMN account password for the functional account corresponding to the username entered above.
    • Note: The password will appear as dots representing each character and there is no confirmation field, so ensure that you enter the password correctly.

Add and Configure Step 3

  1. Click the Add Step button. New fields for step 3 will appear.
  2. Select Click in the Step Action dropdown
  3. Enter .idp3_form-submit in the Element Selector (example: #myId) field.

Complete Setup

  1. In the Success Identifier Selector (example: #myId) field, enter #content
  2. Before you can proceed, you will need to check the checkbox acknowledging that you:
    1. "understand that scanning behind a login isn't intended to be used to scan any sensitive, private, or confidential data that shouldn't be stored on Pope Tech servers"
    2. "understand, have read, and agree to the Pope Tech terms of use"
  3. Click the ✔Save button.
  4. Click the button to Test Authentication to ensure that you have entered everything correctly.

Add your intranet pages

Pope Tech can scan pages behind authentication, but it cannot find those pages by crawling your site, and those pages will not be included in your sitemap. You will either need to manually add the paths that require authentication through the Pope Tech user interface, or you can upload a CSV file containing those paths. See the vendor's Add Pages article for instructions.

If you have a large intranet site and would prefer not to manually add individual pages, you can use the OIT-created PopeTech Path List Export module to automatically generate a CSV with all of your content pages. 

  1. If you have a Drupal Enterprise site, an administrator will first need to install the PopeTech Path List Export module under the Extend menu. For Drupal Lite Sites, the module is already enabled by default.
  2. After logging into your website, go to the /popetech-csv-export path on your site by copying the path above and pasting it after your domain name in your browser 
    • i.e., mysite.umn.edu/popetech-csv-export
  3. This will download a CSV file to your computer titled popetech-csv-export.csv. This file is already formatted in the manner that Pope Tech expects, so you do not need to open or modify the file. Locate the file; typically this will be in your Downloads folder on your device.
  4. Follow the directions under the Upload CSV subheading in the vendor's Add Pages article to load the file generated above into Pope Tech.
    • Skip the steps under the Prepare your CSV subheading since you already have the file you need.
  5. Once you have added your pages to Pope Tech, you can proceed to initiate a scan in the upper right corner of the page.

Last modified

TDX ID

7806