Upgrade to midPoint 4.5
Includes fixes of shibboleth SP upgrade done in previous commits.
Includes fix of error message parsing in tests.
Slavek Licehammer committed Sep 6, 2022
1 parent 5df8ef4 commit fce69ce
Showing 16 changed files with 186 additions and 91 deletions.
2 changes: 1 addition & 1 deletion common.bash
@@ -1,3 +1,3 @@
maintainer="i2incommon"
imagename="midpoint"
tag="4.4.1"
tag="4.5"
4 changes: 2 additions & 2 deletions demo/grouper/docker-compose.yml
@@ -173,7 +173,7 @@ services:
- CREATE_NEW_DATABASE=if_needed

data_init:
image: i2incommon/midpoint:${tag:-4.4.1}
image: i2incommon/midpoint:${tag:-4.5}
command: >
bash -c "
chmod 777 /opt/mp-pw/ ;
@@ -229,7 +229,7 @@ services:
build:
context: ./midpoint_server/
args:
tag: ${tag:-4.4.1}
tag: ${tag:-4.5}
depends_on:
- data_init
- midpoint_data
2 changes: 1 addition & 1 deletion demo/grouper/midpoint_server/Dockerfile
@@ -1,4 +1,4 @@
ARG tag=4.4.1
ARG tag=4.5

FROM i2incommon/midpoint:${tag}

Binary file not shown.
Binary file not shown.
@@ -17,16 +17,9 @@
<saml2>
<name>mySamlSso</name>
<description>My internal enterprise SAML-based SSO system.</description>
<network>
<readTimeout>10000</readTimeout>
<connectTimeout>5000</connectTimeout>
</network>
<serviceProvider>
<entityId>midpointdemo-shibboleth</entityId>
<signRequests>true</signRequests>
<wantAssertionsSigned>true</wantAssertionsSigned>
<singleLogoutEnabled>true</singleLogoutEnabled>
<nameId>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</nameId>
<keys>
<activeKeyStoreKey>
<keyStorePath>/etc/pki/mp/sp-shibboleth-keys.jks</keyStorePath>
@@ -38,29 +31,16 @@
<t:clearValue>password</t:clearValue>
</keyPassword>
</activeKeyStoreKey>
<standByKeyStoreKey>
<keyStorePath>/etc/pki/mp/sp-shibboleth-keys.jks</keyStorePath>
<keyStorePassword>
<t:clearValue>changeit</t:clearValue>
</keyStorePassword>
<keyAlias>encrypt-key</keyAlias>
<keyPassword>
<t:clearValue>password</t:clearValue>
</keyPassword>
<type>encryption</type>
</standByKeyStoreKey>
</keys>
<provider>
<identityProvider>
<entityId>https://idptestbed/idp/shibboleth</entityId>
<alias>idp-shibboleth</alias>
<metadata>
<pathToFile>/etc/shibboleth/idp-metadata.xml</pathToFile>
</metadata>
<skipSslValidation>true</skipSslValidation>
<linkText>Shibboleth</linkText>
<authenticationRequestBinding>urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST</authenticationRequestBinding>
<nameOfUsernameAttribute>uid</nameOfUsernameAttribute>
</provider>
</identityProvider>
</serviceProvider>
</saml2>
</modules>
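Review bot: The `<saml2>` module appears to lose explicit security settings here with no replacement or explanation. The first hunk header (16 old lines, 9 new) means seven of the lines between `<network>` and `<nameId>` are removed, and the second hunk seems to drop `<skipSslValidation>` as well, but the rendered page no longer marks which lines went. If `<wantAssertionsSigned>true</wantAssertionsSigned>` is among them, the demo now relies on whatever midPoint 4.5 does by default with unsigned assertions, and that should be confirmed against the 4.5 schema rather than assumed. I would record the outcome next to the module, for example `<!-- midPoint 4.5: wantAssertionsSigned and skipSslValidation are no longer set here; signature and TLS checks rely on product defaults -->`. The same applies to the matching SAML hunks that follow the `demo/shibboleth/midpoint_server/Dockerfile` section further down the page.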
@@ -422,6 +422,20 @@
</objectCollectionView>
<objectCollectionView>
<identifier>report-tasks-view</identifier>
<display>
<label>Report task</label>
<pluralLabel>
<orig>Report tasks</orig>
<norm>report tasks</norm>
<translation>
<key>ReportTasks.title</key>
</translation>
</pluralLabel>
<icon>
<cssClass>fa fa-pie-chart</cssClass>
<color>green</color>
</icon>
</display>
<refreshInterval>30</refreshInterval>
<type>TaskType</type>
<collection>
@@ -475,6 +489,114 @@
</collectionRef>
</collection>
</objectCollectionView>
<objectCollectionView>
<identifier>shadow-integrity-check-task-view</identifier>
<refreshInterval>30</refreshInterval>
<applicableForOperation>add</applicableForOperation>
<type>TaskType</type>
<collection>
<collectionRef oid="00000000-0000-0000-0000-000000000513" relation="org:default" type="c:ArchetypeType"/>
</collection>
</objectCollectionView>
<objectCollectionView>
<identifier>shadows-refresh-task-view</identifier>
<refreshInterval>30</refreshInterval>
<applicableForOperation>add</applicableForOperation>
<type>TaskType</type>
<collection>
<collectionRef oid="00000000-0000-0000-0000-000000000514" relation="org:default" type="c:ArchetypeType"/>
</collection>
</objectCollectionView>
<objectCollectionView>
<identifier>objects-delete-task-view</identifier>
<refreshInterval>30</refreshInterval>
<applicableForOperation>add</applicableForOperation>
<type>TaskType</type>
<collection>
<collectionRef oid="00000000-0000-0000-0000-000000000515" relation="org:default" type="c:ArchetypeType"/>
</collection>
</objectCollectionView>
<objectCollectionView>
<identifier>shadows-delete-long-time-not-updated-task-view</identifier>
<refreshInterval>30</refreshInterval>
<applicableForOperation>add</applicableForOperation>
<type>TaskType</type>
<collection>
<collectionRef oid="00000000-0000-0000-0000-000000000516" relation="org:default" type="c:ArchetypeType"/>
</collection>
</objectCollectionView>
<objectCollectionView>
<identifier>execute-change-task-view</identifier>
<refreshInterval>30</refreshInterval>
<applicableForOperation>add</applicableForOperation>
<type>TaskType</type>
<collection>
<collectionRef oid="00000000-0000-0000-0000-000000000517" relation="org:default" type="c:ArchetypeType"/>
</collection>
</objectCollectionView>
<objectCollectionView>
<identifier>execute-deltas-task-view</identifier>
<refreshInterval>30</refreshInterval>
<applicableForOperation>add</applicableForOperation>
<type>TaskType</type>
<collection>
<collectionRef oid="00000000-0000-0000-0000-000000000518" relation="org:default" type="c:ArchetypeType"/>
</collection>
</objectCollectionView>
<objectCollectionView>
<identifier>reindex-repository-task-view</identifier>
<refreshInterval>30</refreshInterval>
<applicableForOperation>add</applicableForOperation>
<type>TaskType</type>
<collection>
<collectionRef oid="00000000-0000-0000-0000-000000000519" relation="org:default" type="c:ArchetypeType"/>
</collection>
</objectCollectionView>
<objectCollectionView>
<identifier>object-integrity-check-task-view</identifier>
<refreshInterval>30</refreshInterval>
<applicableForOperation>add</applicableForOperation>
<type>TaskType</type>
<collection>
<collectionRef oid="00000000-0000-0000-0000-000000000522" relation="org:default" type="c:ArchetypeType"/>
</collection>
</objectCollectionView>
<objectCollectionView>
<identifier>validity-task-view</identifier>
<refreshInterval>30</refreshInterval>
<applicableForOperation>add</applicableForOperation>
<type>TaskType</type>
<collection>
<collectionRef oid="00000000-0000-0000-0000-000000000530" relation="org:default" type="c:ArchetypeType"/>
</collection>
</objectCollectionView>
<objectCollectionView>
<identifier>trigger-task-view</identifier>
<refreshInterval>30</refreshInterval>
<applicableForOperation>add</applicableForOperation>
<type>TaskType</type>
<collection>
<collectionRef oid="00000000-0000-0000-0000-000000000531" relation="org:default" type="c:ArchetypeType"/>
</collection>
</objectCollectionView>
<objectCollectionView>
<identifier>propagation-task-view</identifier>
<refreshInterval>30</refreshInterval>
<applicableForOperation>add</applicableForOperation>
<type>TaskType</type>
<collection>
<collectionRef oid="00000000-0000-0000-0000-000000000532" relation="org:default" type="c:ArchetypeType"/>
</collection>
</objectCollectionView>
<objectCollectionView>
<identifier>multi-propagation-task-view</identifier>
<refreshInterval>30</refreshInterval>
<applicableForOperation>add</applicableForOperation>
<type>TaskType</type>
<collection>
<collectionRef oid="00000000-0000-0000-0000-000000000533" relation="org:default" type="c:ArchetypeType"/>
</collection>
</objectCollectionView>
<objectCollectionView>
<identifier>certification-tasks-view</identifier>
<refreshInterval>30</refreshInterval>
4 changes: 2 additions & 2 deletions demo/shibboleth/docker-compose-tests.yml
@@ -5,7 +5,7 @@ version: "3.3"

services:
data_init:
image: i2incommon/midpoint:${tag:-4.4.1}
image: i2incommon/midpoint:${tag:-4.5}
command: >
bash -c "
chmod 777 /opt/mp-pw/ ;
@@ -61,7 +61,7 @@ services:
build:
context: ./midpoint_server/
args:
tag: ${tag:-4.4.1}
tag: ${tag:-4.5}
command: /usr/local/bin/startup.sh
depends_on:
- data_init
4 changes: 2 additions & 2 deletions demo/shibboleth/docker-compose.yml
@@ -2,7 +2,7 @@ version: "3.3"

services:
data_init:
image: i2incommon/midpoint:${tag:-4.4.1}
image: i2incommon/midpoint:${tag:-4.5}
command: >
bash -c "
chmod 777 /opt/mp-pw/ ;
@@ -58,7 +58,7 @@ services:
build:
context: ./midpoint_server/
args:
tag: ${tag:-4.4.1}
tag: ${tag:-4.5}
command: /usr/local/bin/startup.sh
depends_on:
- data_init
94 changes: 47 additions & 47 deletions demo/shibboleth/idp/shibboleth-idp/metadata/midpoint-shib-sp.xml
@@ -29,60 +29,60 @@ and do *NOT* provide it in real time to your partners.
</md:Extensions>
<md:KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:KeyName>47abdf273ac1</ds:KeyName>
<ds:KeyName>902a9863aa37</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=47abdf273ac1</ds:X509SubjectName>
<ds:X509Certificate>MIID6zCCAlOgAwIBAgIJAN3KLR1rSj7uMA0GCSqGSIb3DQEBCwUAMBcxFTATBgNV
BAMTDDQ3YWJkZjI3M2FjMTAeFw0xOTA0MjYxODAzMzRaFw0yOTA0MjMxODAzMzRa
MBcxFTATBgNVBAMTDDQ3YWJkZjI3M2FjMTCCAaIwDQYJKoZIhvcNAQEBBQADggGP
ADCCAYoCggGBAMPUEiYPVaEV2CyAdVLjj57vw71o47bkiErWqhh8Flq+JMTA6BUc
wgXVMSlM6OcB+gGdInNSuCwUGD+/LTiRoaECERPRzYAJjO9nSLmldsvBxnR/E5rw
n5c+8K3BOAoLZ/mGKHDhjLlbiClKTMl2Nx3okyb1jKdR/mTjTKzrUy9T42o688s2
CFuEYmVulHww2zgNSIv5nUaYyH/D3jPYf9ANayv60R3JUp0sijywbRTm4VRgV3P3
jQ4Y7AlWNnqQlqkEvqZfWt87E56Dbo+nuD0uTRSUmUY4j1DJ0ns8jIUfkHCfq4Sh
bVJQ4eLfc9sTLPE7/42uesT9mH5RGUTB6bZJD2gvKZ9pnbTZUYygOFGcJjkl/Trl
Q0rXMArffseUEqGNJeslQJQAQXDDVwbzFCpneJmMAUNKUwNRhCaazdFErDTvHytB
wmpBvcqhEbbocGxxXm6gNEOrWRK3dZD4GBf+vJA8/Z770ZrQWQfUL/DpYm4tCoDJ
m4/Rsaosv/PqsQIDAQABozowODAXBgNVHREEEDAOggw0N2FiZGYyNzNhYzEwHQYD
VR0OBBYEFLb8Mqq4XpiJZs3S0cQ/nLLfnkoTMA0GCSqGSIb3DQEBCwUAA4IBgQCc
u3AKCgPIOY73bWoXeVD1M6qG1asU9E1r5xle5+2vnXfo+fq/EfA2t+9kNsPs/yxG
O+sL9COXRrTTPhHzbjTQ3AHvd/ar3DUgTTj9rAVmpyXzmu17mFlcx6ihFldYwCFE
k1ZBXQ6hvZeQpFcTeqiPwPza+XeiJh3qgKBinm7RESTNzM5eiAlOCrEgx1tmRV5p
mLrPZYPKUIW9IY0a85lm9lw4rWDEqKaiWDF0E/BWPzF7xsx37ofLCabQm2zPc5Nk
aJD3xxa3OExsIHOa46K72UoaXY2HT8Pf3DucAGp8wBZ8UJBRBmSlbF/U6rjj4L4F
fRWMX+9yfmNOPCi6196EDQ+K4U/96kiq77WcqsqhU4HHwqR0cqvCHxvrU7Y84aXu
lfwgC6d8W/YhLAUIs8yFKTFbiufNW7KdqMs97b2QpNX2RHCFhnUBd1opDLTQGByB
WXrWfdEqrgYwoBN18u0A5migNn5wWpozl84ChRpjTaIangle4Eox8dZq5qV6mf0=
<ds:X509SubjectName>CN=902a9863aa37</ds:X509SubjectName>
<ds:X509Certificate>MIID6zCCAlOgAwIBAgIJAJ+Xet5c0YjjMA0GCSqGSIb3DQEBCwUAMBcxFTATBgNV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=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:KeyDescriptor use="encryption">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:KeyName>47abdf273ac1</ds:KeyName>
<ds:KeyName>902a9863aa37</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=47abdf273ac1</ds:X509SubjectName>
<ds:X509Certificate>MIID6zCCAlOgAwIBAgIJAJsNOvtU9eJFMA0GCSqGSIb3DQEBCwUAMBcxFTATBgNV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=
<ds:X509SubjectName>CN=902a9863aa37</ds:X509SubjectName>
<ds:X509Certificate>MIID6zCCAlOgAwIBAgIJAPyhTN3IjNxAMA0GCSqGSIb3DQEBCwUAMBcxFTATBgNV
BAMTDDkwMmE5ODYzYWEzNzAeFw0yMTEyMDIyMzAwMjFaFw0zMTExMzAyMzAwMjFa
MBcxFTATBgNVBAMTDDkwMmE5ODYzYWEzNzCCAaIwDQYJKoZIhvcNAQEBBQADggGP
ADCCAYoCggGBALrIjRMDZivNAAEHazkPsOfZKQQ8ikxUlwex4W9jubXXIIKmQZBF
bU1or3GXSWQHjOmqM38elQ+pjZcyuGifGcT48inq4E57Mg0U6BWJChRwqbuUmF9t
t0I/oDqWkHfqx/UCP2poVT9b76ZLr9D+NCMFCZEw+eJukPV53c83baRdZUXM550X
YCNGbUXnifl9ZhlVkQ+teqsXayR+HBBljaJ7vE9pbv8yrVIR+sOsa68dJIMUFiBs
5OgZvfnto5BcwNwE1opaeORI0mkpZP1u/YOnlrHHIf5nSo5/MiF3gC9oGgWnRbnf
rWPwAvfcxlBURJsgjO/FSPWW/OmrtL8YafinPoFmWERpHXWmXfDecnHvOjhrwzSr
BjZciPxfDUfZZnpNX+ZRhZAhxR3IGwxN8tEHyNB6kJZHBY0PqaogcLUzhVbV7jUD
fWV4oQM14OkBx4bI5EYkTVaI966S1v/5fyltzhjkztC16M2xig3lBG5t+wFDsjUO
j86XM/lxm6R5CQIDAQABozowODAXBgNVHREEEDAOggw5MDJhOTg2M2FhMzcwHQYD
VR0OBBYEFP3RZINsIoxMe6LbKdaYexFlpR6XMA0GCSqGSIb3DQEBCwUAA4IBgQAx
ysr70luutkA31L0J4QF+JuS0UenIRwvlvnPusHqVU/0zS0PmE0gzZxRfdg1L3gNi
IqvpBk4nTpnL0nio/da+Grm+94DZRP0qalH+oPJaFK+cxGaSu2qaIWc1pZdgO5+8
r08MBb4d9hHviZ1Ay3r8m9Gs9FeD/BumZKatvTxts+ydP5TiJenz261djyBqBiTC
XFIW866d90l4QQQwWClkfbEN7fj65ANaHXeaYKdYUeUXAPh6oSDmshVE8VFhkIr0
JOpzj0wzn3Uy+Sqj9EqLxXxELZ0Ho3t9kwIVatNjbQEUd3yNsyDf8hmjCWJgHa5N
4PUHrjVIaqBQEE4f4NwKtAnNQ/bQ7EZiaXtPnJ9tMGGXZY1QztFa/Kv5j7zBgeyu
V5DuUo2gc+mm2oSYuicmZGA9tW6bGkwMM3Me90zNWMk68vFtB/mbGDPiKM7yODqT
3lF1Jj4UDI0oGK59Z06d9G03sAsDf9JDLQ9PfmEHSh7c2O+F9eEj3hrUMiYzDFA=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
@@ -107,4 +107,4 @@ SZert/PFKIu94m11abs//JPKo0+QcOTn7/5NVD7gRNZY2OpxeERTD2xhtk5zukg=
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://localhost:8443/Shibboleth.sso/SAML2/ECP" index="4"/>
</md:SPSSODescriptor>

</md:EntityDescriptor>
</md:EntityDescriptor>
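Review bot: Nothing on this page ties the two replaced `<ds:X509Certificate>` values (new `KeyName` `902a9863aa37`) to the key material the service provider actually loads, which is presumably inside the two files listed as "Binary file not shown.". If metadata and keystore drift apart, the IdP will either reject the SP's signed requests or encrypt assertions the SP cannot read. A short comment above each `<md:KeyDescriptor>` naming the keystore and alias the certificate was exported from would make the next rotation checkable, e.g. `<!-- exported from sp-shibboleth-keys.jks, alias <ALIAS>; demo-only key -->`. The "demo-only" wording matters because the matching private keys are committed to the repository and must not be reused outside the demo.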
2 changes: 1 addition & 1 deletion demo/shibboleth/midpoint_server/Dockerfile
@@ -1,4 +1,4 @@
ARG tag=4.4.1
ARG tag=4.5

FROM i2incommon/midpoint:${tag}

@@ -17,16 +17,9 @@
<saml2>
<name>mySamlSso</name>
<description>My internal enterprise SAML-based SSO system.</description>
<network>
<readTimeout>10000</readTimeout>
<connectTimeout>5000</connectTimeout>
</network>
<serviceProvider>
<entityId>midpointdemo-shibboleth</entityId>
<signRequests>true</signRequests>
<wantAssertionsSigned>true</wantAssertionsSigned>
<singleLogoutEnabled>true</singleLogoutEnabled>
<nameId>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</nameId>
<keys>
<activeKeyStoreKey>
<keyStorePath>/etc/pki/mp/sp-shibboleth-keys.jks</keyStorePath>
@@ -41,11 +34,9 @@
</keys>
<identityProvider>
<entityId>https://idptestbed/idp/shibboleth</entityId>
<alias>idp-shibboleth</alias>
<metadata>
<pathToFile>/etc/shibboleth/idp-metadata.xml</pathToFile>
</metadata>
<skipSslValidation>true</skipSslValidation>
<linkText>Shibboleth</linkText>
<authenticationRequestBinding>urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST</authenticationRequestBinding>
<nameOfUsernameAttribute>uid</nameOfUsernameAttribute>
1 change: 1 addition & 0 deletions demo/shibboleth/tests/main.bats
@@ -34,6 +34,7 @@ load ../../../library
}

@test "040 Check internal SAML redirection (/midpoint/auth/saml-internal)" {
curl -k --write-out %{redirect_url} --silent --output /dev/null https://localhost:8443/midpoint/auth/saml-internal/ > /tmp/debug
curl -k --write-out %{redirect_url} --silent --output /dev/null https://localhost:8443/midpoint/auth/saml-internal/ | grep 'https:\/\/localhost:8443\/midpoint\/auth\/saml-internal\/mySamlSso\/authenticate\/midpointdemo-shibboleth'
}
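Review bot: The `curl ... > /tmp/debug` line in test 040, which looks like the one line this commit adds, reads as leftover debugging: it writes the redirect URL to a fixed path in the shared `/tmp`, nothing reads it back, and it doubles the request. Either drop it or keep the diagnostic inside the test, for example `run curl -k --write-out '%{redirect_url}' --silent --output /dev/null https://localhost:8443/midpoint/auth/saml-internal/` followed by `echo "$output"`, so Bats prints the value only when the assertion fails. If a file is really wanted, `"$BATS_TEST_TMPDIR"` on a recent bats-core avoids the predictable shared path. The `-k` flag is presumably needed for the demo's self-signed certificate and deserves a one-line comment saying so.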

4 changes: 2 additions & 2 deletions demo/simple/docker-compose.yml
@@ -2,7 +2,7 @@ version: "3.3"

services:
data_init:
image: i2incommon/midpoint:${tag:-4.4.1}
image: i2incommon/midpoint:${tag:-4.5}
command: >
bash -c "
chmod 777 /opt/mp-pw/ ;
@@ -57,7 +57,7 @@ services:
- mp_pw:/opt/mp-pw

midpoint_server:
image: i2incommon/midpoint:${tag:-4.4.1}
image: i2incommon/midpoint:${tag:-4.5}
depends_on:
- data_init
- midpoint_data
2 changes: 1 addition & 1 deletion download-midpoint.sh
@@ -10,7 +10,7 @@ else
# But if we need to incorporate interim changes to I2 distribution during
# midPoint development cycle, we can specify concrete file from "midpoint-tier"
# download directory by using its name (like "latest-stable").
MP_VERSION="4.4.1"
MP_VERSION="4.5"
else
MP_VERSION=$tag
fi
3 changes: 2 additions & 1 deletion library.bash
@@ -319,7 +319,8 @@ EOF
if [[ $HTTP_CODE -ge 500 ]]; then
echo "Error message: Internal server error. Unexpected error occurred, if necessary please contact system administrator."
else
local ERROR_MESSAGE=$(xmllint --xpath "/*/*[local-name()='message']/text()" $TMPFILE) || (echo "Couldn't extract error message from file:" ; cat $TMPFILE ; rm $TMPFILE; return 1)
local ERROR_MESSAGE
ERROR_MESSAGE=$(xmllint --xpath "/*/*/*/*[local-name()='message']/text()" $TMPFILE) || (echo "Couldn't extract error message from file:" ; cat $TMPFILE ; rm $TMPFILE; return 1)
echo "Error message: $ERROR_MESSAGE"
fi
rm $SEARCH_RESULT_FILE
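Review bot: The fallback after `||` on the new `ERROR_MESSAGE=$(xmllint ...)` line is still wrapped in `( ... )`, so its `return 1` only ends the subshell and the function carries on to `echo "Error message: $ERROR_MESSAGE"` with an empty value. Splitting `local ERROR_MESSAGE` from the assignment is what makes this branch reachable at all, so it is worth fixing in the same change: `|| { echo "Couldn't extract error message from file:"; cat "$TMPFILE"; rm "$TMPFILE"; return 1; }`. The new XPath `/*/*/*/*[local-name()='message']` hard-codes the nesting depth of the 4.5 error document; a comment naming the expected element path would help the next upgrade, since a depth change otherwise fails silently into the fallback. The enclosing function starts and ends outside this hunk, so I cannot see whether callers check its return status.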
