diff options
author | Simo Sorce <simo@redhat.com> | 2014-04-05 13:23:02 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2014-04-11 18:02:07 -0400 |
commit | a0374da67060c6e69ff6f1c2d25d2df357c25751 (patch) | |
tree | 23231072e26ab1a212300086daf281b8109d0938 /templates/install | |
parent | 2bed65a8810b7f81ec2be93275fa06f4da52e56f (diff) | |
download | ipsilon-a0374da67060c6e69ff6f1c2d25d2df357c25751.tar.gz ipsilon-a0374da67060c6e69ff6f1c2d25d2df357c25751.tar.xz ipsilon-a0374da67060c6e69ff6f1c2d25d2df357c25751.zip |
Add basic installation script with saml support
Generates (self signed) certificates and a metdata.xml file.
Optionally configures an Apache Httpd server.
If the admin does not configure a specific application at install time
a default landing page is made available to be able to test that the SP
configuration works.
Uninstall removes all certificates and metadata file and is irreversible.
Diffstat (limited to 'templates/install')
-rw-r--r-- | templates/install/saml2/sp.conf | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/templates/install/saml2/sp.conf b/templates/install/saml2/sp.conf new file mode 100644 index 0000000..57abdfd --- /dev/null +++ b/templates/install/saml2/sp.conf @@ -0,0 +1,28 @@ +# This is a server-wide configuration that will add information from the Mellon +# session to all requests under this path. +<Location ${saml_base}> + MellonEnable "${saml_protect}" + MellonSPPrivateKeyFile "${saml_sp_key}" + MellonSPCertFile "${saml_sp_cert}" + MellonSPMetadataFile "${saml_sp_meta}" + MellonIdPMetadataFile "${saml_idp_meta}" + MellonEndpointPath ${saml_sp} + MellonVariable "saml-sesion-cookie" + # Comment out the next line if you want to allow logins on bare HTTP + MellonsecureCookie On + MellonUser "NAME_ID" + MellonIdP "IDP" + MellonSessionLength 3600 + # MellonNoCookieErrorPage "https://idp.example.com/no-cookie-error.html" + # MellonPostDirectory "/var/lib/ipsilon/post_cache" + # MellonPostReplay On +</Location> + +${saml_auth} + +${sp}Alias /saml2protected /usr/share/ipsilon/ui/saml2sp +${sp} +${sp}<Directory /usr/share/ipsilon/ui/saml2sp> +${sp} SSLRequireSSL +${sp} Require all granted +${sp}</Directory> |