Merge branch 'main' into grouper2.5.56

internet2 · Sep 13, 2021 · 033e538 · 033e538
2 parents 07ad776 + 5cb6d03
commit 033e538
Show file tree

Hide file tree

Showing 10 changed files with 355 additions and 43 deletions.
diff --git a/Workbench/comanage_cron/Dockerfile b/Workbench/comanage_cron/Dockerfile
@@ -21,7 +21,7 @@ ENV COMANAGE_REGISTRY_EMAIL_HOST=smtp.example.edu
 #ENV SHIBBOLETH_SP_METADATA_PROVIDER_XML=sdf
 #ENV SHIBBOLETH_SP_SAMLDS_URL=thing
 
-RUN apt-get update
+RUN apt-get update --allow-releaseinfo-change && apt-get update
 
 ARG maintainer=my
 ARG imagename=comanage

diff --git a/Workbench/docker-compose.yml b/Workbench/docker-compose.yml
@@ -223,7 +223,7 @@ services:
      - CREATE_NEW_DATABASE=if_needed
 
   midpoint_data:
-    image: postgres:11
+    image: postgres:12
     environment:
      - POSTGRES_PASSWORD_FILE=/run/secrets/mp_database_password.txt
      - POSTGRES_USER=midpoint

diff --git a/Workbench/idp/Dockerfile b/Workbench/idp/Dockerfile
@@ -6,6 +6,9 @@ ARG CSPHOSTNAME=localhost
 ENV CSPHOSTNAME=$CSPHOSTNAME
 
 COPY shibboleth-idp/ /opt/shibboleth-idp/
+#rather than copying metadata files included in above folder and including in config, instead upload these files to the IdP UI
+#  API info here: https://documenter.getpostman.com/view/446764/TzzHmCkn
+
 
 RUN mkdir -p /opt/shibboleth-idp/metadata/generated && mkdir -p /opt/shibboleth-idp/conf/generated
 

diff --git a/Workbench/idp_ui/Dockerfile b/Workbench/idp_ui/Dockerfile
@@ -1,4 +1,4 @@
-FROM i2incommon/shib-idp-ui:1.8.0
+FROM i2incommon/shib-idp-ui:1.9.0
 
 ARG CSPHOSTNAME=localhost
 ENV CSPHOSTNAME=$CSPHOSTNAME

diff --git a/Workbench/idp_ui/container_files/idp_ui/application.yml b/Workbench/idp_ui/container_files/idp_ui/application.yml
@@ -28,7 +28,7 @@ shibui:
     forceServiceProviderMetadataGeneration: false
     callbackUrl: "https://__CSPHOSTNAME__/idpui/callback"
     maximumAuthenticationLifetime: 3600000
-    saml2ProfileMapping:
+    simpleProfileMapping:
       username: urn:oid:0.9.2342.19200300.100.1.1
       firstname: urn:oid:2.5.4.42
       lastname: urn:oid:2.5.4.4
@@ -45,4 +45,4 @@ spring:
     hibernate:
       ddl-auto: update
 
-
+
diff --git a/Workbench/midpoint_server/Dockerfile b/Workbench/midpoint_server/Dockerfile
@@ -1,4 +1,5 @@
-FROM tier/midpoint:latest
+FROM tier/midpoint:4.3.2-SNAPSHOT
+#FROM tier/midpoint:latest
 
 MAINTAINER info@evolveum.com
 
@@ -23,6 +24,7 @@ COPY container_files/system/setservername.sh /usr/local/bin/
 RUN chmod 755 /usr/local/bin/setservername.sh
 #set hostname
 RUN /usr/local/bin/setservername.sh
+RUN yum install -y graphviz
 
 #COPY container_files/supervisor/supervisord.conf /etc/supervisor/
 

diff --git a/...ch/midpoint_server/container_files/mp-home/post-initial-objects/resources/100-grouper.xml b/...ch/midpoint_server/container_files/mp-home/post-initial-objects/resources/100-grouper.xml
@@ -14,7 +14,7 @@
           xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
 		  xmlns:icfc="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3"
 		  xmlns:rest="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/bundle/com.evolveum.polygon.connector-grouper-rest/com.evolveum.polygon.connector.grouper.rest.GrouperConnector"
-		  xmlns:conf="http://midpoint.evolveum.com/xml/ns/public/connector/builtin-1/bundle/com.evolveum.midpoint.provisioning.ucf.impl.builtin.async/AsyncUpdateConnector"
+		  xmlns:conf="http://midpoint.evolveum.com/xml/ns/public/connector/builtin-1/bundle/com.evolveum.midpoint.provisioning.ucf.impl.builtin.async.update/AsyncUpdateConnector"
           xmlns:xsd="http://www.w3.org/2001/XMLSchema"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
 

diff --git a/...iner_files/mp-home/post-initial-objects/systemConfigurations/010-system-configuration.xml b/...iner_files/mp-home/post-initial-objects/systemConfigurations/010-system-configuration.xml
diff --git a/Workbench/webproxy/container_files/httpd/index.html b/Workbench/webproxy/container_files/httpd/index.html
@@ -9,9 +9,9 @@ <h3>Welcome to the InCommon TAP Workbench!</h3>
 The system contains the following TAP components (click the links to access each component in its own tab):
 <ul>
 <li><a href="https://__CSPHOSTNAME__/grouper" target="TAP-WB-GROUPER">Grouper (2.5.56)</a></li>
-<li><a href="https://__CSPHOSTNAME__/midpoint" target="TAP-WB-MIDPOINT">midPoint (4.2)</a></li>
-<li><a href="https://__CSPHOSTNAME__/registry" target="TAP-WB-COMANAGE">COmanage Registry (3.3.2)</a></li>
-<li><a href="https://__CSPHOSTNAME__/idpui/" target="TAP-WB-IDPUI">Shibboleth IdP UI (1.8.0)</a></li>
+ <li><a href="https://__CSPHOSTNAME__/midpoint" target="TAP-WB-MIDPOINT">midPoint (4.3.2)</a></li>
+ <li><a href="https://__CSPHOSTNAME__/registry" target="TAP-WB-COMANAGE">COmanage Registry (3.3.2)</a></li>
+<li><a href="https://__CSPHOSTNAME__/idpui/" target="TAP-WB-IDPUI">Shibboleth IdP UI (1.9.0)</a></li>
 </ul>
 <br />
 The system also contains the following downstream/target applications:

diff --git a/Workbench/webproxy/container_files/httpd/ssl.conf b/Workbench/webproxy/container_files/httpd/ssl.conf
@@ -152,6 +152,18 @@ SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
     Satisfy any
 </Location>
 
+<Location "/grouper-ws/servicesRest/">
+    Order deny,allow
+    Allow from all
+    Satisfy any
+</Location>
+
+<Location "/idpui/">
+    Order deny,allow
+    Allow from all
+    Satisfy any
+</Location>
+
 <Location />
   AuthType Basic
   AuthName "Restricted CSP content"