Skip to content

Commit

Permalink
update midpoint to 4.5
Browse files Browse the repository at this point in the history
  • Loading branch information
root committed Sep 21, 2022
1 parent ad473b3 commit ae35351
Show file tree
Hide file tree
Showing 5 changed files with 26 additions and 48 deletions.
4 changes: 1 addition & 3 deletions Workbench/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -224,10 +224,8 @@ services:
environment:
- CREATE_NEW_DATABASE=if_needed



data_init:
image: i2incommon/midpoint:4.4
image: i2incommon/midpoint:4.5
command: >
bash -c "
chmod 777 /opt/mp-pw/ ;
Expand Down
2 changes: 1 addition & 1 deletion Workbench/midpoint_server/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM i2incommon/midpoint:4.4
FROM i2incommon/midpoint:4.5

ARG CSPHOSTNAME=localhost
ENV CSPHOSTNAME=$CSPHOSTNAME
Expand Down
62 changes: 21 additions & 41 deletions ...erver/container_files/mp-home/post-initial-objects/securityPolicy/000-security-policy.xml
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
<objects xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3">
<securityPolicy xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3" xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3" xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3" xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3" xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3" oid="00000000-0000-0000-0000-000000000120" version="2">
xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3">
<securityPolicy xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3" xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3" xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3" xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3" xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3" oid="00000000-0000-0000-0000-000000000120" version="2">
<name>Default Security Policy</name>
<authentication>
<modules>
Expand All @@ -17,55 +17,35 @@
<saml2>
<name>mySamlSso</name>
<description>My internal enterprise SAML-based SSO system.</description>
<network>
<readTimeout>10000</readTimeout>
<connectTimeout>5000</connectTimeout>
</network>
<serviceProvider>
<entityId>midpointdemo-shibboleth</entityId>
<signRequests>true</signRequests>
<wantAssertionsSigned>true</wantAssertionsSigned>
<singleLogoutEnabled>true</singleLogoutEnabled>
<nameId>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</nameId>
<keys>
<activeKeyStoreKey>
<keyStorePath>/etc/pki/mp/sp-shibboleth-keys.jks</keyStorePath>
<keyStorePassword>
<t:clearValue>changeit</t:clearValue>
</keyStorePassword>
<keyAlias>signing-key</keyAlias>
<keyPassword>
<t:clearValue>password</t:clearValue>
</keyPassword>
</activeKeyStoreKey>
<standByKeyStoreKey>
<keyStorePath>/etc/pki/mp/sp-shibboleth-keys.jks</keyStorePath>
<keyStorePassword>
<t:clearValue>changeit</t:clearValue>
</keyStorePassword>
<keyAlias>encrypt-key</keyAlias>
<keyPassword>
<t:clearValue>password</t:clearValue>
</keyPassword>
<type>encryption</type>
</standByKeyStoreKey>
<activeKeyStoreKey>
<keyStorePath>/etc/pki/mp/sp-shibboleth-keys.jks</keyStorePath>
<keyStorePassword>
<t:clearValue>changeit</t:clearValue>
</keyStorePassword>
<keyAlias>signing-key</keyAlias>
<keyPassword>
<t:clearValue>password</t:clearValue>
</keyPassword>
</activeKeyStoreKey>
</keys>
<provider>
<entityId>https://idptestbed/idp/shibboleth</entityId>
<alias>idp-shibboleth</alias>
<identityProvider>
<entityId>https://idptestbed/idp/shibboleth</entityId>
<metadata>
<pathToFile>/etc/shibboleth/idp-metadata.xml</pathToFile>
</metadata>
<skipSslValidation>true</skipSslValidation>
<linkText>Shibboleth</linkText>
<authenticationRequestBinding>urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST</authenticationRequestBinding>
<nameOfUsernameAttribute>uid</nameOfUsernameAttribute>
</provider>
</identityProvider>
</serviceProvider>
</saml2>
<httpHeader>
<name>httpHeader</name>
<logoutUrl>https://__CSPHOSTNAME__/MPSSO/Shibboleth.sso/Logout</logoutUrl>
<logoutUrl>https://__CSPHOSTNAME__/MPSSO/Shibboleth.sso/Logout</logoutUrl>
<usernameHeader>REMOTE_USER</usernameHeader>
</httpHeader>
</modules>
Expand Down Expand Up @@ -99,7 +79,7 @@
</requireAssignmentTarget>
<module>
<name>internalLoginForm</name>
<order>40</order>
<order>30</order>
<necessity>sufficient</necessity>
</module>
</sequence>
Expand Down Expand Up @@ -151,8 +131,8 @@
<necessity>sufficient</necessity>
</module>
</sequence>
<ignoredLocalPath>/actuator</ignoredLocalPath>
<ignoredLocalPath>/actuator/health</ignoredLocalPath>
<ignoredLocalPath>/actuator</ignoredLocalPath>
<ignoredLocalPath>/actuator/health</ignoredLocalPath>
</authentication>
<credentials>
<password>
Expand All @@ -166,4 +146,4 @@
</credentials>
</securityPolicy>

</objects>
</objects>
4 changes: 2 additions & 2 deletions Workbench/webproxy/container_files/httpd/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ <h3>Welcome to the InCommon TAP Workbench!</h3>

<ul>
<li><a href="https://__CSPHOSTNAME__/grouper" target="TAP-WB-GROUPER">Grouper (2.6.0)</a></li>
<li><a href="https://__CSPHOSTNAME__/midpoint" target="TAP-WB-MIDPOINT">midPoint (4.4)</a></li>
<li><a href="https://__CSPHOSTNAME__/midpoint" target="TAP-WB-MIDPOINT">midPoint (4.5)</a></li>
<li><a href="https://__CSPHOSTNAME__/registry" target="TAP-WB-COMANAGE">COmanage Registry (3.3.4)</a></li>
<li><a href="https://__CSPHOSTNAME__/idpui/" target="TAP-WB-IDPUI">Shibboleth IdP UI (1.13.2)</a></li>
</ul>
Expand All @@ -35,7 +35,7 @@ <h3>Welcome to the InCommon TAP Workbench!</h3>
<li>Shibboleth SPs:</li>
<ul>
<li><a href="https://__CSPHOSTNAME__/grouperSSO/Shibboleth.sso/Status" target="TAP-WB-gSP">Grouper SP (3.2.0) status</a></li>
<li><a href="https://__CSPHOSTNAME__/MPSSO/Shibboleth.sso/Status" target="TAP-WB-mSP">midPoint SP (3.2.3) status</a></li>
<li><a href="https://__CSPHOSTNAME__/MPSSO/Shibboleth.sso/Status" target="TAP-WB-mSP">midPoint SP (3.3.0) status</a></li>
<li><a href="https://__CSPHOSTNAME__/registrySSO/Shibboleth.sso/Status" target="TAP-WB-cSP">COmanage SP (3.2.0) status</a></li>
<li><a href="https://__CSPHOSTNAME__/wordpressSSO/Shibboleth.sso/Status" target="TAP-WB-wSP">Wordpress SP (3.2.0) status</a></li>
</ul>
Expand Down
2 changes: 1 addition & 1 deletion Workbench/webproxy/container_files/system/startWithMDLoad.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

#wait for IdPUI's API, then load metadata into it
pushd /mdload
./wait-for-it.sh -t 0 idp_ui_api:8443 -- ./loadMD.sh GrouperSP /mdload/grouper-sp.xml 60 && \
./wait-for-it.sh -t 0 idp_ui_api:8443 -- ./loadMD.sh GrouperSP /mdload/grouper-sp.xml 90 && \
./loadMD.sh midPointSP /mdload/midpoint-sp.xml 0 && \
./loadMD.sh ProxySP /mdload/proxy-sp.xml 0 && \
./loadMD.sh WordPressSP /mdload/wordpress-sp.xml 0 && \
Expand Down

0 comments on commit ae35351

Please sign in to comment.