Updated saml docs

info 2021-04-27 06:34:15 +00:00
parent 6749f63b61
commit c07a856c11
1 changed files with 6 additions and 6 deletions


@ -7,7 +7,7 @@
# Moodle # Moodle
1. Activate SAML2 plugin 1. Activate SAML2 plugin
2. Regenerate SP certificate: https://moodle.<domain>/auth/saml2/regenerate.php 2. Regenerate SP certificate: https://moodle.<domain>/auth/saml2/regenerate.php and lock it down
3. Download SAML2 Service Provider xml: https://moodle.<domain>/auth/saml2/sp/metadata.php 3. Download SAML2 Service Provider xml: https://moodle.<domain>/auth/saml2/sp/metadata.php
4. Import this SP in keycloak IDP: https://sso.<domain>/auth/admin/master/console/#/create/client/poc 4. Import this SP in keycloak IDP: https://sso.<domain>/auth/admin/master/console/#/create/client/poc
5. Add builtin email, givenname and surname field mappers (https://sso.<domain>/auth/admin/master/console/#/realms/poc/clients/b7781aac-5aa5-441a-8af5-aca7cc0a1daf/mappers) 5. Add builtin email, givenname and surname field mappers (https://sso.<domain>/auth/admin/master/console/#/realms/poc/clients/b7781aac-5aa5-441a-8af5-aca7cc0a1daf/mappers)
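Review bot: the "and lock it down" added to step 2 does not say what is to be locked or where. Name the setting or page the reader should use after regenerating the SP certificate, so the step can actually be followed. Steps 4 and 5 in this hunk still link to create/client/poc and realms/poc, while the later hunks move the IdP URLs to realms/master; confirm which realm the Moodle client belongs in and make these links agree with it.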
@ -117,8 +117,8 @@ TODO: Does not map email nor friendlyname (display name). Also not tested to add
1. x509: public.key (generated before) 1. x509: public.key (generated before)
2. Private key: private.key (generated before) 2. Private key: private.key (generated before)
3. Identity Provider Data 3. Identity Provider Data
1. Identifier of the IdP: https://sso.<domain>/auth/realms/poc 1. Identifier of the IdP: https://sso.<domain>/auth/realms/master
2. URL target of the IdP: https://sso.<domain>/auth/realms/poc/protocol/saml 2. URL target of the IdP: https://sso.<domain>/auth/realms/master/protocol/saml
3. URL Location of the IdP SLO request: https://sso.<domain>/auth/realms/poc/protocol/saml 3. URL Location of the IdP SLO request: https://sso.<domain>/auth/realms/poc/protocol/saml
4. Public X.509 certificate: (The RSA Certificate from keycloak at step 1). 4. Public X.509 certificate: (The RSA Certificate from keycloak at step 1).
4. Attribute mapping 4. Attribute mapping
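Review bot: step 3.3 (URL Location of the IdP SLO request) still reads realms/poc/protocol/saml after this change, while 3.1 and 3.2 now read realms/master, so sign-on and logout point at different realms. Update the SLO URL to match, or state why it differs. Step 3.4 refers only to "the RSA Certificate from keycloak at step 1"; since the realm is changing, it would help to say the certificate must come from the same realm as the identifier in 3.1.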
@ -197,9 +197,9 @@ Client Id in keycloak has to be 'php-saml' if not set at wordpress saml plugin.
1. Enable 1. Enable
3. IDENTITY PROVIDER SETTINGS 3. IDENTITY PROVIDER SETTINGS
1. iDp ENTITY ID: Anything you want 1. iDp ENTITY ID: Anything you want
1. SSO Service Url: https://sso.digitaldemocratic.net/auth/realms/poc/protocol/saml 1. SSO Service Url: https://sso.digitaldemocratic.net/auth/realms/master/protocol/saml
2. SLO Service Url: https://sso.digitaldemocratic.net/auth/realms/poc/protocol/saml 2. SLO Service Url: https://sso.digitaldemocratic.net/auth/realms/master/protocol/saml
3. X.509 Certificate: Copy the Certificate (not the Public key) from the keycloak realm (https://sso.digitaldemocratic.net/auth/admin/master/console/#/realms/poc/keys) without the begin/end lines in the cert. 3. X.509 Certificate: Copy the Certificate (not the Public key) from the keycloak realm (https://sso.digitaldemocratic.net/auth/admin/master/console/#/realms/master/keys) without the begin/end lines in the cert.
4. OPTIONS 4. OPTIONS
1. Create user if not exists 1. Create user if not exists
2. Update user data 2. Update user data
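Review bot: the three changed lines under IDENTITY PROVIDER SETTINGS hard-code sso.digitaldemocratic.net, whereas the other hunks in this file use the sso.<domain> placeholder. Use the placeholder here too so the docs do not carry a deployment-specific hostname. The list numbering in this block also restarts ("1. iDp ENTITY ID" followed by "1. SSO Service Url"), which makes the steps hard to reference; renumber while touching these lines.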