shibui

Requirements_

Java 17 (note that ONLY Java 17 is supported at this time; other later versions might work)

Running

There are currently 3 ways to run the application:

As an executable WAR using Java
Deployed in a Java Servlet 3.0 container such as Tomcat or Jetty
Via Docker container - see instructions at https://spaces.at.internet2.edu/display/SMMU/Shibboleth+IdP+UI+Deployment+Instructions

Note that some features require encoded slashes in the URL. In tomcat (which is embedded in the war), this can be allowed with:

-Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true

In Apache HTTPD, you'll need something like:

<VirtualHost *:80>
    AllowEncodedSlashes NoDecode
    ServerName shibui.unicon.net
    ProxyPass / http://localhost:8080/ nocanon
    ProxyPassReverse / http://localhost:8080/
</VirtualHost>

Running as an executable

java -jar shibui.war

For complete information on overriding default configuration, see [https://docs.spring.io/spring-boot/docs/current/reference/html/boot-features-external-config.html].

Deploying as a WAR

The application can be deployed as a WAR file in a Java Servlet 3.0 container.

To override default configuration, see [https://docs.spring.io/spring-boot/docs/current/reference/html/boot-features-external-config.html]. The easiest way to do this in a servlet container is through the use of system properties

Authentication

Currently, the application is wired with very simple authentication. A password for the user root can be set with the shibui.default-password property.

Default Properties

This is a reflection of the default application.properties file included in the distribution. Note that lines beginning with # are commented out.

# Server Configuration
#server.port=8080


# Logging Configuration
#logging.config=classpath:log4j2.xml
#logging.level.org.springframework.web=ERROR

# Database Credentials
spring.datasource.username=shibui
spring.datasource.password=shibui

# Database Configuration H2
spring.datasource.url=jdbc:h2:mem:shibui;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE
spring.datasource.platform=h2
spring.datasource.driverClassName=org.h2.Driver
spring.jpa.database-platform=org.hibernate.dialect.H2Dialect
spring.h2.console.enabled=true


# Database Configuration PostgreSQL
#spring.datasource.url=jdbc:postgresql://localhost:5432/shibui
#spring.datasource.driverClassName=org.postgresql.Driver
#spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect

#Maria/MySQL DB
#spring.datasource.url=jdbc:mariadb://localhost:3306/shibui
#spring.datasource.driverClassName=org.mariadb.jdbc.Driver
#spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MariaDBDialect

#Tomcat specific DataSource props. Do we need these?
#spring.datasource.tomcat.maxActive=100
#spring.datasource.tomcat.minIdle=10
#spring.datasource.tomcat.maxIdle=10
#spring.datasource.tomcat.initialSize=50
#spring.datasource.tomcat.validationQuery=select 1

# Hibernate properties
# for production never ever use create, create-drop. It's BEST to use validate
spring.jpa.hibernate.ddl-auto=create
spring.jpa.hibernate.naming.implicit-strategy=org.hibernate.boot.model.naming.ImplicitNamingStrategyJpaCompliantImpl
spring.jpa.show-sql=false
spring.jpa.properties.hibernate.format_sql=false

spring.jpa.hibernate.use-new-id-generator-mappings=true

shibui.metadata-dir=/opt/shibboleth-idp/metadata/generated
shibui.logout-url=/dashboard

spring.profiles.active=default

# Password for the default user. If not set, a password will be generated at startup
#shibui.default-password=

springdoc.use-management-port=true
springdoc.pathsToMatch=/entities, /api/**
# This property enables the openapi and swagger-ui endpoints to be exposed beneath the actuator base path.
management.endpoints.web.exposure.include=openapi, swagger-ui
management.server.port=9090

Random SQL

Get Release attributes for a given entity id

select xs_stringvalue
from xsstring
where id in (select attribute_values_id
             from attribute_abstractxmlobject
             where attribute_id = (select id
                                   from attribute
                                   where id in (select attributes_id
                                                from entity_attributes_attribute
                                                where entity_attributes_id = (select unknownxmlobjects_id
                                                                              from abstract_element_extensiblexmlobject_abstractxmlobject
                                                                              where abstract_element_extensiblexmlobject_id =
                                                                                    (select extensions_id from entity_descriptor where entityid = 'someentityid')))
                                     and name = 'http://shibboleth.net/ns/attributes/releaseAllValues'))

Get Relying Party Overrides by entity id

with join_table as (select rpo.id1,
                           rpo.id2
                    from (select attribute_id id1, attribute_values_id id2
                          from attribute_abstractxmlobject
                          where attribute_id in (select id
                                                 from attribute
                                                 where id in (select attributes_id
                                                              from entity_attributes_attribute
                                                              where entity_attributes_id = (select unknownxmlobjects_id
                                                                                            from abstract_element_extensiblexmlobject_abstractxmlobject
                                                                                            where abstract_element_extensiblexmlobject_id =
                                                                                                  (select extensions_id from entity_descriptor where entityid = 'someentityid'))))) as rpo)
select attribute_1.name relying_party_override,
       attribute_2.value
from join_table
         inner join
     attribute as attribute_1
     on join_table.id1 = attribute_1.id
         inner join
     (select id, stored_value value from xsboolean
      UNION
      select id, CAST(int_value AS varchar) value from xsinteger
      UNION
      select id, xs_stringvalue value from xsstring
      UNION
      select id, text_context value from xsany) as attribute_2
     on join_table.id2 = attribute_2.id
where value is not null and value != ''

License

TIER/shib-idp-ui

About

Resources

License

Stars

Watchers

Forks

Releases 47

Packages 0

Contributors 6

Languages

Packages