Martin van Es authored
d83b5251

Test_IdP

Docker-compose deploy

Copy env.example to .env and adjust all properties. A valid wildcard certificate/chain and key should be stored in the cert directory. The files should be named:

wildcard_cert.crt
wildcard_chain.crt
wildcard_cert.key

testidp/config/logins.json contains all the test accounts and is volume mounted.

testidp/admin/application/classes/phpmailer.php contains the phpmailer configuration for sending the admin mails. You should replace the Username/Password, Host and setFrom. It is also volume mounted.

When everything is in place, a simple

docker-compose up testidp

should do the trick.
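
A preflight check for the cert directory described above, as an added example that is not part of this project. It assumes the openssl command-line tool is installed and uses the file names listed in this README; the function name check_certs, the default directory path and the 7-day expiry margin are choices made for this example.

```shell
#!/bin/sh
# Added example (not project code): verify the cert directory before
# starting the containers. File names are the ones this README requires.

check_certs() {
    dir=${1:-cert}                      # assumed default: ./cert
    crt="$dir/wildcard_cert.crt"
    chain="$dir/wildcard_chain.crt"
    key="$dir/wildcard_cert.key"

    # 1. All three files must exist and be non-empty.
    for f in "$crt" "$chain" "$key"; do
        [ -s "$f" ] || { echo "missing or empty: $f" >&2; return 1; }
    done

    # 2. The private key must not be accessible to group or others.
    #    Characters 5-10 of the ls mode string are the group/other bits.
    case $(ls -ln "$key" | cut -c5-10) in
        ------) ;;
        *) echo "key permissions too open: $key (chmod 600)" >&2; return 2 ;;
    esac

    # 3. Certificate and key must carry the same public key.
    cert_pub=$(openssl x509 -in "$crt" -noout -pubkey 2>/dev/null) ||
        { echo "cannot parse certificate: $crt" >&2; return 3; }
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) ||
        { echo "cannot parse private key: $key" >&2; return 3; }
    [ "$cert_pub" = "$key_pub" ] ||
        { echo "certificate does not match private key" >&2; return 3; }

    # 4. The chain file must start with a parseable certificate.
    openssl x509 -in "$chain" -noout 2>/dev/null ||
        { echo "cannot parse chain: $chain" >&2; return 4; }

    # 5. The certificate must still be valid 7 days (604800 s) from now.
    openssl x509 -in "$crt" -noout -checkend 604800 >/dev/null ||
        { echo "certificate expires within 7 days" >&2; return 5; }

    return 0
}

# Usage: check_certs cert && docker-compose up testidp
```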

Manual deploy

All files below testidp/simplesamlphp should be dropped in a working simplesamlphp installation. The testidp/admin directory should be served as a separate vhost.

This project consists of two separate parts for simpleSAMLphp. This README assumes you know your way around simpleSAMLphp and know how to set up a working implementation.

The authentication module is located in modules and is called customauth, and should be enabled like this:

config/authsources.php

+    'custom-userpass' => [
+        'customauth:External',
+    ],

Don't forget to touch enable in the module directory to enable the module.

The second part consists of the DB-based IdP Hosted and SP Remote metadata files, found in metadata. These files enable database-based configuration, using the DB structure found in testidp.sql.

The Database consists of 3 tables:

  • options
  • idps
  • config
  • accounts

options contains the definitions of the adjustable simpleSAMLphp hosted IdP configuration options; this can be used to render a configuration interface. Each option has a key, which is used in config to configure this option for a specific IdP.

idps contains the vhost-based configuration for an IdP. The most important part is the sp_metadata columns, which should contain the connected SP metadata so that this IdP trusts this SP.

config contains the per-IdP option values that are dynamically loaded into the IdP config. Most of them change the dynamically created metadata for this IdP.

accounts contains the registered SP accounts.