You can use Pope Tech to perform an automated accessibility check on Drupal pages that require UMN Shibboleth authentication in order to view them. For Google Sites, see Pope Tech: Scan Google Sites Intranet Content. For other types of websites or applications, see Pope Tech: Scan Websites or Applications Behind Authentication.
Note: Only data classified as public per the University data security classification policy may be scanned with Pope Tech.
Add a functional account to your website
- If you already have access to a UMN functional account, you can use that account and can skip to step 3.
- Request a functional account to use for Pope Tech testing with your website(s).
- On the request form, select the following:
- Which OIM environment should the account be created in?
- PRODUCTION (Account will be created in OIM PROD environment)
- What access should be provisioned for this Functional Account?
- Ldap (Lightweight Directory Access Protocol)
- Which OIM environment should the account be created in?
- On the request form, select the following:
- Create an account on your website for the functional account you will use with Pope Tech.
- Select the role(s) needed to access your intranet content.
- This is likely the authenticated user role which will be selected by default when you create a new account, but you may need to select a custom role you have created on your website depending on your intranet implementation.
- Select the role(s) needed to access your intranet content.
Setup authentication for your site within Pope Tech
Note: Add your website to Pope Tech first if you have not done so, and then return to complete the steps below.
Edit Website Settings
- In your Website Settings, expand the Authentication Options accordion in the right-hand column.
- Check the checkbox for Use Website Authentication?
- Leave the Authentication Type dropdown set to Cookie
- In the Login URL field, enter the full URL for the login path on your website, i.e. https://mysite.umn.edu/saml/login
- Check the checkbox for Use Advanced Authentication?
- New fields to set up step 1 under a new Advanced Steps heading will appear.
Configure Advanced Authentication Step 1
- Leave the dropdown field for Step Action set to Type into input
- In the Element Selector (example: #myId) field, enter #username
- Do not check the checkbox for Is field a password?
- In the Input text field, enter the internet ID of the functional account that you will be using for testing your website with Pope Tech. Do not include @umn.edu.
Add and Configure Step 2
- Click the Add Step button. New fields for step 2 will appear.
- Leave the dropdown field for Step Action set to Type into input
- In the Element Selector (example: #myId) field, enter #password
- Check the checkbox for Is field a password?
- In the password field, enter the UMN account password for the functional account corresponding to the username entered above. The password will appear as dots representing each character and there is no confirmation field, so ensure that you enter the password correctly.
Add and Configure Step 3
- Click the Add Step button. New fields for step 3 will appear.
- Select Click in the Step Action dropdown
- Enter .idp3_form-submit in the Element Selector (example: #myId) field
Add and Configure Step 4
- Click the Add Step button. New fields for step 4 will appear.
- Select Wait for time in the Step Action dropdown.
- Enter 3 in the Wait time field.
Complete Setup
- In the Success Identifier Selector (example: #myId) field, enter #content
- You will need to check the checkbox acknowledging that you "understand that scanning behind a login isn't intended to be used to scan any sensitive, private, or confidential data that shouldn't be stored on Pope Tech servers" and that you "understand, have read, and agree to the Pope Tech terms of use" before you can proceed.
- Click the ✔Save button. The Edit Website Settings window closes automatically.
Test Authentication
- Click Edit Website Settings to re-open the settings window.
- Expand the Authentication Options accordion in the right-hand column.
- Scroll to the bottom and click the button to Test Authentication to ensure that you have entered everything correctly.
Add your intranet pages
Pope Tech can scan pages behind authentication, but it cannot find those pages by crawling your site, and those pages will not be included in your sitemap. You will either need to manually add the paths that require authentication through the Pope Tech user interface, or you can upload a CSV file containing those paths. See the vendor's Add Pages article for instructions.
If you have a large intranet site and would prefer not to manually add individual pages, you can use the OIT-created PopeTech Path List Export module to automatically generate a CSV with all of your content pages.
- If you have a Drupal Enterprise site, an administrator will first need to install the PopeTech Path List Export module under the Extend menu. For Drupal Lite Sites, the module is already enabled by default.
- After logging into your website, go to the /popetech-csv-export path on your site by copying the path above and pasting it after your domain name in your browser
- This will download a CSV file to your computer titled popetech-csv-export.csv. This file is already formatted in the manner that Pope Tech expects, so you do not need to open or modify the file. Locate the file; typically this will be in your Downloads folder.
- Follow the directions under the Upload CSV subheading in the vendor's Add Pages article to load the file generated above into Pope Tech. Skip the steps under the Prepare your CSV subheading since you already have the file you need.
- Once you have added your pages to Pope Tech, you can proceed to initiate a scan in the upper right corner of the page.
Scan your website
Once you have tested your pages, you can proceed to scan your website. Note that you should uncheck the Crawl option before clicking the Start button for intranet websites. If you leave the box checked, it will fail the crawl and then proceed to run the scan.