Difference between revisions of "SAML"
Jump to navigation
Jump to search
(Created page with "__TOC__ Please note: this feature is not yet available. = SAML = It's also possible to make RackTables recognize SAML accounts instead of local. This implementation is base...") |
Infrastation (talk | contribs) (add fullnameAttribute) |
||
(2 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | |||
− | |||
− | |||
− | |||
= SAML = | = SAML = | ||
Line 10: | Line 6: | ||
You first need to alter secret.php and change the setting $user_auth_src to 'saml'. | You first need to alter secret.php and change the setting $user_auth_src to 'saml'. | ||
− | <pre>$user_auth_src = ' | + | <pre>$user_auth_src = 'saml'; |
</pre> | </pre> | ||
Line 21: | Line 17: | ||
'usernameAttribute' => 'eduPersonPrincipName', | 'usernameAttribute' => 'eduPersonPrincipName', | ||
'fullnameAttribute' => 'fullName', | 'fullnameAttribute' => 'fullName', | ||
+ | 'groupListAttribute' => 'memberOf', | ||
); | ); | ||
</pre> | </pre> | ||
Line 45: | Line 42: | ||
| <span style="background-color: rgb(255, 0, 0);">yes</span> | | <span style="background-color: rgb(255, 0, 0);">yes</span> | ||
| Fullname attribute | | Fullname attribute | ||
+ | |- | ||
+ | | fullnameAttribute | ||
+ | | <span style="background-color:green;">no</span> | ||
+ | | Name of the attribute containing the user's list of groups. Each group will be mapped to RackTables <tt>{$sgcn_XXXXX}</tt> autotag. | ||
+ | '''This option was added in release 0.20.5.''' | ||
|} | |} |
Latest revision as of 06:53, 30 May 2013
SAML
It's also possible to make RackTables recognize SAML accounts instead of local. This implementation is based on the SimpleSAMLphp API. We assume you have SimpleSAMLphp up and running.
Configuration
You first need to alter secret.php and change the setting $user_auth_src to 'saml'.
$user_auth_src = 'saml';
Further configuration is done through $SAML_options array.
$SAML_options = array ( 'simplesamlphp_basedir' => '../simplesaml', 'sp_profile' => 'default-sp', 'usernameAttribute' => 'eduPersonPrincipName', 'fullnameAttribute' => 'fullName', 'groupListAttribute' => 'memberOf', );
option(s) | is mandatory? | description |
---|---|---|
simplesamlphp_basedir | yes | (Relative) path to where SimpleSAMLphp has been installed, seen from the RackTables installation directory. E.g. if you configure '../simplesaml', the application will try to resolve the file '../simplesaml/lib/_autoload.php' from the root of the RackTables installation. |
sp_profile | yes | Define the service profile wich has to be used. A normal SimpleSAMLphp installation defaults to default-sp |
usernameAttribute | yes | Username attribute |
fullnameAttribute | yes | Fullname attribute |
fullnameAttribute | no | Name of the attribute containing the user's list of groups. Each group will be mapped to RackTables {$sgcn_XXXXX} autotag.
This option was added in release 0.20.5. |