Commit 67aeef79 authored by Kiril KJiroski's avatar Kiril KJiroski

added sso for cortex

parent e98df878
1 merge request!3Dev5
--- ---
soctoolsproxy: "CHANGE_ME_TO_FQDN" soctoolsproxy: "dsoclab.gn4-3-wp8-soc.sunet.se"
maxmind_key: "" maxmind_key: ""
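Review bot: The new value for `soctoolsproxy` replaces the `CHANGE_ME_TO_FQDN` placeholder with one deployment's hostname, so anyone else using these defaults will point their proxy and OIDC URLs at that lab unless they notice and override it. The next file has the same problem: `domain` goes from `soctools.test` to a real organisation's domain, and the second sample user becomes a named person with a matching e-mail address and DN. I would keep the placeholders in the committed file and put the site values in an untracked or per-host vars file, i.e. restore `soctoolsproxy: "CHANGE_ME_TO_FQDN"` and `domain: "soctools.test"`. The file names are not visible on this page, so the override location is for the author to pick.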
......
--- ---
domain: "soctools.test" domain: "uninett.no"
soctools_users: soctools_users:
- firstname: "User1" - firstname: "User1"
...@@ -9,12 +9,12 @@ soctools_users: ...@@ -9,12 +9,12 @@ soctools_users:
email: "user1@{{domain}}" email: "user1@{{domain}}"
DN: "CN=User1Soctools" DN: "CN=User1Soctools"
CN: "User1Soctools" CN: "User1Soctools"
- firstname: "User2" - firstname: "Kiril"
lastname: "SOC" lastname: "Kjiroski"
username: "user2" username: "kiril.kjiroski"
email: "user2@{{domain}}" email: "kiril.kjiroski@{{domain}}"
DN: "CN=User2Soctools" DN: "CN=Kiril Kjiroski"
CN: "User2Soctools" CN: "Kiril Kjiroski"
# Minimum one user is required # Minimum one user is required
ODFE_ADMIN_USERS: ODFE_ADMIN_USERS:
......
...@@ -5,13 +5,13 @@ RUN echo "[thehive-project]" > /etc/yum.repos.d/thehive.repo && \ ...@@ -5,13 +5,13 @@ RUN echo "[thehive-project]" > /etc/yum.repos.d/thehive.repo && \
echo "enabled=1" >> /etc/yum.repos.d/thehive.repo && \ echo "enabled=1" >> /etc/yum.repos.d/thehive.repo && \
echo "priority=1" >> /etc/yum.repos.d/thehive.repo && \ echo "priority=1" >> /etc/yum.repos.d/thehive.repo && \
echo "name=TheHive-Project RPM repository" >> /etc/yum.repos.d/thehive.repo && \ echo "name=TheHive-Project RPM repository" >> /etc/yum.repos.d/thehive.repo && \
echo "baseurl=http://rpm.thehive-project.org/stable/noarch" >> /etc/yum.repos.d/thehive.repo && \ echo "baseurl=https://rpm.thehive-project.org/release/noarch" >> /etc/yum.repos.d/thehive.repo && \
echo "gpgcheck=1" >> /etc/yum.repos.d/thehive.repo && \ echo "gpgcheck=1" >> /etc/yum.repos.d/thehive.repo && \
yum install -y epel-release && \ yum install -y epel-release && \
rpm --import https://raw.githubusercontent.com/TheHive-Project/TheHive/master/PGP-PUBLIC-KEY && \ rpm --import https://raw.githubusercontent.com/TheHive-Project/TheHive/master/PGP-PUBLIC-KEY && \
rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch && \ rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch && \
yum install -y cortex supervisor rsync daemonize vim net-tools telnet htop python3-pip.noarch git gcc python3-devel.x86_64 ssdeep-devel.x86_64 python3-wheel.noarch libexif-devel.x86_64 libexif.x86_64 perl-Image-ExifTool.noarch gcc-c++ whois && \ yum install -y cortex supervisor rsync daemonize vim net-tools telnet htop python3-pip.noarch git gcc python3-devel.x86_64 ssdeep-devel.x86_64 python3-wheel.noarch libexif-devel.x86_64 libexif.x86_64 perl-Image-ExifTool.noarch gcc-c++ whois && \
rpm -Uvh https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-oss-6.8.13.rpm && \ rpm -Uvh https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-oss-7.10.2-x86_64.rpm && \
chown -R elasticsearch:elasticsearch /etc/elasticsearch && \ chown -R elasticsearch:elasticsearch /etc/elasticsearch && \
mkdir -p /home/cortex && \ mkdir -p /home/cortex && \
chown -R cortex:cortex /home/cortex && \ chown -R cortex:cortex /home/cortex && \
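Review bot: The `rpm -Uvh` line for `elasticsearch-oss-7.10.2-x86_64.rpm` installs the package straight from a URL with no explicit integrity check, so the build relies on rpm's default signature handling, and depending on the rpm version an unsigned package may only produce a warning. Since the Elastic key is already imported two lines earlier, downloading the file first and running `rpm -K` on it before `rpm -Uvh` would make a bad or missing signature fail the build. The move of `baseurl` to https is good; the stanza still has no `gpgkey=` line, so `gpgcheck=1` depends on the separate `rpm --import` of a key fetched from the `master` branch. It is also worth confirming that the packaged Cortex version supports Elasticsearch 7.x, since this is a major-version jump from 6.8.13. The RUN instruction starts before and continues past the visible lines.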
......
...@@ -124,10 +124,10 @@ auth { ...@@ -124,10 +124,10 @@ auth {
# The endpoint from which to obtain user details using the OAuth token, after successful login # The endpoint from which to obtain user details using the OAuth token, after successful login
userUrl = "https://{{soctoolsproxy}}:12443/auth/realms/{{openid_realm}}/protocol/openid-connect/userinfo" userUrl = "https://{{soctoolsproxy}}:12443/auth/realms/{{openid_realm}}/protocol/openid-connect/userinfo"
scope = "profile" # scope = "profile"
userIdField = "email" userIdField = "email"
#userUrl = "https://auth-site.com/api/User" scope = ["openid email profile offline_access User.Read"]
#scope = ["openid profile"]
} }
ws.ssl.trustManager { ws.ssl.trustManager {
...@@ -143,48 +143,18 @@ auth { ...@@ -143,48 +143,18 @@ auth {
# Single-Sign On # Single-Sign On
sso { sso {
# Autocreate user in database? autocreate = false
autocreate = true autoupdate = false
# Autoupdate its profile and roles?
autoupdate = true
# Autologin user using SSO?
autologin = true autologin = true
defaultRoles = ["read"]
# Name of mapping class from user resource to backend user ('simple' or 'group') defaultOrganization = "uninett.no"
#mapper = group
#mapper = simple
#attributes {
# login = "user"
# name = "name"
# groups = "groups"
# organization = "org"
#}
# defaultRoles = ["read", "write", "admin"]
# defaultOrganization = "{{domain}}"
#defaultRoles = ["read"]
#defaultOrganization = "csirt"
#groups {
# # URL to retreive groups (leave empty if you are using OIDC)
# #url = "https://auth-site.com/api/Groups"
# # Group mappings, you can have multiple roles for each group: they are merged
# mappings {
# admin-profile-name = ["admin"]
# editor-profile-name = ["write"]
# reader-profile-name = ["read"]
# }
#}
mapper = simple mapper = simple
attributes { attributes {
login = "user" login = "email"
name = "name" name = "email"
roles = "roles" roles = "roles"
organization = "org"
} }
defaultRoles = ["read", "analyze"]
defaultOrganization = "{{domain}}"
} }
} }
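Review bot: The new `scope = ["openid email profile offline_access User.Read"]` asks for more than this login flow appears to use: `offline_access` requests a long-lived refresh token and `User.Read` looks like a Microsoft Graph scope, while `userUrl` points at a Keycloak-style realm endpoint. Unless something outside this hunk needs them, `scope = ["openid email profile"]` would keep the token grant minimal. In the `sso` block, `login = "email"` together with `userIdField = "email"` makes the e-mail claim the account key, which is only safe if the realm issues verified e-mail addresses that users cannot change themselves; that setting is not visible here. `defaultOrganization = "uninett.no"` is hard-coded where the previous value used `"{{domain}}"`, so the template no longer follows the inventory variable. Turning `autocreate` and `autoupdate` off is a sensible tightening.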
......