Blame - README.rst - salt-formulas/shibboleth

blob: daff9cb8219cb481afb66244dbb1111c643c3cd2 [file] [log] [blame]

Alexander Noskov	747be50	2017-01-12 14:53:55 +0400	[diff] [blame]	1	=======================
Alexander Noskov	d0e69af	2016-12-07 13:19:14 +0400	[diff] [blame]	2	salt-formula-shibboleth
Alexander Noskov	747be50	2017-01-12 14:53:55 +0400	[diff] [blame]	3	=======================
				4
				5	Shibboleth is among the world's most widely deployed federated identity solutions, connecting users to applications both within and between organizations.
				6
				7	Sample pillars
				8	==============
				9
				10	.. code-block:: yaml
				11
				12	shibboleth:
				13	server:
				14	enabled: true
				15	keystone_protocol: http
				16	keystone_public_address: ${_param:proxy_vip_address_public}
				17	keystone_port: 5000
				18	idp_url: "https://saml.example.com/oam/fed"
				19	idp_metadata_url: "https://saml.example.com/oamfed/idp/metadata"
				20	attributes:
				21	- name: test
				22	id: test
				23	name_format: urn:oasis:names:tc:SAML:2.0:attrname-format:basic
				24	key: \|
				25	-----BEGIN PRIVATE KEY-----
				26	MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDmM1NIxgQ3Y70Q
				27	GXoFQQnJ7nliaRtJR2xHAW47InyALQ+M3/VCtdFnNI0d2CHoytQ6mVg6BzOtdvT2
				28	ocEl0+LNkskSZsc6Nh59XooTQncL5PA7hXmo/nxCEgURH4oika5CC14K4hagwZca
				29	CQZvW1m9KwfVaNc0Va0KepH2lGI+VdxyZgRMifTMl9qDLYr++ftyFTNn5uit0Yh8
				30	9QFU4HLVvT0rHSQUTcFbvYE=
				31	-----END PRIVATE KEY-----
				32	certificate: \|
				33	-----BEGIN CERTIFICATE-----
				34	MIIDDzCCAfegAwIBAgIJAOvxYAMLVkHZMA0GCSqGSIb3DQEBBQUAMCMxITAfBgNV
				35	BAMTGGN0bC0wMS5qcGUyLmppb2Nsb3VkLmNvbTAeFw0xNzAxMTIxMDIwMTRaFw0y
				36	k3u0PIEqysz9sOpmuSmlY4FKRobYQ3viviTIMTTuqjoCAFKIApI3tZWOqj+zShje
				37	Xr4ue39/lvQLj2jXV+Q2TOovQA==
				38	-----END CERTIFICATE-----
				39	idp_certificate: \|
				40	-----BEGIN CERTIFICATE-----
				41	BAMTGGN0bC0wMS5qcGUyLmppb2Nsb3VkLmNvbTAeFw0xNzAxMTIxMDIwMTRaFw0y
				42	CcnueWJpG0lHbEcBbjsifIAtD4zf9UK10Wc0jR3YIejK1DqZWDoHM6129PZ8kx5k
				43	aN5DvAdir7oYCpHwD5/WvHahUgsrtcz9s+pzRfiStvICVwqCsGquThZHe8YAgGpZ
				44	04UU/56ncPbsHf5asS3DvfVGw==
				45	-----END CERTIFICATE-----
lmercl	4f7f6fd	2018-03-12 17:39:56 +0100	[diff] [blame]	46
				47
				48	Shibboleth through HTTP proxy
				49	==============
				50	Sometimes there is needed to connect to IdP through HTTP proxy. This has to be done via adding TransportOption to MetadataProvider in Shibboleth2.xml configuration file.
				51
				52	.. code-block:: yaml
				53
				54	shibboleth:
				55	server:
				56	enabled: true
				57	proxy: http://10.10.10.12:8888