Merge pull request #118 from internet2/PC_updates_8-21

update IdP, IdPUI, mp_DB, basic auth

Workbench/docker-compose.yml

@@ -223,23 +223,26 @@ services:
      - CREATE_NEW_DATABASE=if_needed
 
   midpoint_data:
-    image: tier/mariadb:mariadb10
+    image: postgres:11
+    environment:
+     - POSTGRES_PASSWORD_FILE=/run/secrets/mp_database_password.txt
+     - POSTGRES_USER=midpoint
+     - POSTGRES_INITDB_ARGS=--lc-collate=en_US.utf8 --lc-ctype=en_US.utf8
     ports:
-     - 33306:3306
+     - 5432:5432
     networks:
       net:
         aliases:
          - midpoint-data
+    secrets:
+     - mp_database_password.txt
     healthcheck:
-      test: curl -s 127.0.0.1:3306
+      test: /usr/bin/pg_isready
       interval: 30s
       timeout: 30s
       retries: 3
     volumes:
-     - midpoint_mysql:/var/lib/mysql
-     - midpoint_data:/var/lib/mysqlmounted
-    environment:
-     - CREATE_NEW_DATABASE=if_needed
+     - midpoint_data:/var/lib/postgresql/data
 
   midpoint_server:
     build: 
@@ -255,12 +258,12 @@ services:
     environment:
      - ENV
      - USERTOKEN
-     - REPO_DATABASE_TYPE
+     - REPO_DATABASE_TYPE=postgresql
+     - REPO_HOST=midpoint_data
      - REPO_JDBC_URL
-     - REPO_HOST
-     - REPO_PORT
-     - REPO_DATABASE
-     - REPO_USER
+     - REPO_PORT=5432
+     - REPO_DATABASE=midpoint
+     - REPO_USER=midpoint
      - REPO_MISSING_SCHEMA_ACTION
      - REPO_UPGRADEABLE_SCHEMA_ACTION
      - REPO_SCHEMA_VERSION_IF_MISSING

Workbench/idp_ui/Dockerfile

@@ -1,4 +1,4 @@
-FROM tier/shib-idp-ui:1.7.0
+FROM i2incommon/shib-idp-ui:1.8.0
 
 ARG CSPHOSTNAME=localhost
 ENV CSPHOSTNAME=$CSPHOSTNAME

Workbench/webproxy/container_files/httpd/index.html

@@ -11,7 +11,7 @@ <h3>Welcome to the InCommon TAP Workbench!</h3>
 <li><a href="https://__CSPHOSTNAME__/grouper" target="TAP-WB-GROUPER">Grouper (2.5.37.1)</a></li>
 <li><a href="https://__CSPHOSTNAME__/midpoint" target="TAP-WB-MIDPOINT">midPoint (4.2)</a></li>
 <li><a href="https://__CSPHOSTNAME__/registry" target="TAP-WB-COMANAGE">COmanage Registry (3.3.2)</a></li>
-<li><a href="https://__CSPHOSTNAME__/idpui/" target="TAP-WB-IDPUI">Shibboleth IdP UI (1.7.0)</a></li>
+<li><a href="https://__CSPHOSTNAME__/idpui/" target="TAP-WB-IDPUI">Shibboleth IdP UI (1.8.0)</a></li>
 </ul>
 <br />
 The system also contains the following downstream/target applications:
@@ -29,7 +29,7 @@ <h3>Welcome to the InCommon TAP Workbench!</h3>
 <br />
 Shibboleth SAML Identity Provider and Service Providers:
 <ul>
-<li><a href="https://__CSPHOSTNAME__/idp/status" target="TAP-WB-IDP">Shibboleth IdP (4.1.0) status</a></li>
+<li><a href="https://__CSPHOSTNAME__/idp/status" target="TAP-WB-IDP">Shibboleth IdP (4.1.4) status</a></li>
 <li>Shibboleth SPs:</li>
 <ul>
   <li><a href="https://__CSPHOSTNAME__/grouperSSO/Shibboleth.sso/Status" target="TAP-WB-gSP">Grouper SP (3.2.0) status</a></li>

Workbench/webproxy/container_files/httpd/localhost.crt

@@ -20,3 +20,4 @@ S9CdVFrjPsXEXR6xgkc+9MMp8gm9jE8zCWtchUuRJ4U8NzU7Gis+Iv/FV2U20zMu
 4kLztJG8DPTgNZQrQSa6BZZDgIAEuA9frTY0ZXu+T2US4YSaEwPU7StS3bxHM9Rl
 E80fmNm6AJm9ZttThX3wRZTR5Q==
 -----END CERTIFICATE-----
+

Workbench/webproxy/container_files/httpd/localhost.key

@@ -25,3 +25,4 @@ LFZdAoGBAMCWngFyEu4/P5kfyI9V7Auidt764XA+lRP8m+e4RSMxp3OLr57UUL1F
 kdIRpkMNF205fsXwx1BERfTAMg6b0gU0a9TU4o//YpaM/IuqduMoU+Zko7SOCfqx
 ngtfxppjxXg95bs1CdMUq6ZLSUkuHSwkq3xVuLefS1qvnY6HV2Wk
 -----END RSA PRIVATE KEY-----
+

Workbench/webproxy/container_files/httpd/ssl.conf

@@ -146,6 +146,12 @@ SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
 #           or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
 #</Location>
 
+<Location "/midpoint/ws/">
+    Order deny,allow
+    Allow from all
+    Satisfy any
+</Location>
+
 <Location />
   AuthType Basic
   AuthName "Restricted CSP content"