Skip to content

Commit

Permalink
fixes for IdP UI
Browse files Browse the repository at this point in the history
  • Loading branch information
@pcaskey
pcaskey committed Dec 17, 2020
1 parent cc5ac27 commit d760ffa
Show file tree
Hide file tree
Showing 9 changed files with 13 additions and 59 deletions.
2 changes: 1 addition & 1 deletion Workbench/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -324,7 +324,7 @@ services:
- generated-config:/generated-config

idp_ui_data:
image: tier/mariadb:latest
image: tier/mariadb:mariadb10.2
ports:
- 33366:3306
environment:
Expand Down
2 changes: 1 addition & 1 deletion Workbench/idp/container_files/idp/shibui-metadata-providers.xml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<MetadataProvider id="ShibbolethUIMetadataProvider" xsi:type="ChainingMetadataProvider"
<MetadataProvider id="ShibbolethMetadata" xsi:type="ChainingMetadataProvider"
xmlns="urn:mace:shibboleth:2.0:metadata"
xmlns:resource="urn:mace:shibboleth:2.0:resource"
xmlns:security="urn:mace:shibboleth:2.0:security"
Expand Down
3 changes: 1 addition & 2 deletions Workbench/idp/shibboleth-idp/conf/metadata-providers.xml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
<?xml version="1.0" encoding="UTF-8"?>
<!-- This file is an EXAMPLE metadata configuration file. -->
<MetadataProvider id="ShibbolethMetadata" xsi:type="ChainingMetadataProvider"
<MetadataProvider id="IdPShibbolethMetadata" xsi:type="ChainingMetadataProvider"
xmlns="urn:mace:shibboleth:2.0:metadata"
xmlns:resource="urn:mace:shibboleth:2.0:resource"
xmlns:security="urn:mace:shibboleth:2.0:security"
Expand Down
7 changes: 3 additions & 4 deletions Workbench/idp/shibboleth-idp/conf/relying-party.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,15 +61,14 @@
Override example that identifies a single RP by name and configures it
for SAML 2 SSO without encryption. This is a common "vendor" scenario.
-->
<!--
<bean parent="RelyingPartyByName" c:relyingPartyIds="https://sp.example.org">

<bean parent="RelyingPartyByName" c:relyingPartyIds="https://sp.example.org/shibui">
<property name="profileConfigurations">
<list>
<bean parent="SAML2.SSO" p:encryptAssertions="false" />
<bean parent="SAML2.SSO" p:encryptionOptional="true" />
</list>
</property>
</bean>
-->

</util:list>

Expand Down
2 changes: 1 addition & 1 deletion Workbench/idp/shibboleth-idp/conf/services.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@

<util:list id="shibboleth.MetadataResolverResources">
<value>%{idp.home}/conf/metadata-providers.xml</value>
<!--<value>%{idp.home}/conf/generated/shibui-metadata-providers.xml</value>-->
<value>%{idp.home}/conf/generated/shibui-metadata-providers.xml</value>
<value>%{idp.home}/system/conf/metadata-providers-system.xml</value>
</util:list>

Expand Down
48 changes: 2 additions & 46 deletions Workbench/idp/shibboleth-idp/metadata/idpui-sp.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,52 +15,8 @@
<md:Extensions>
<init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://__CSPHOSTNAME__/idpui/callback?client_name=Saml2Client"/>
</md:Extensions>
<md:KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>
MIICpzCCAY+gAwIBAgIBATANBgkqhkiG9w0BAQUFADAXMRUwEwYDVQQDDAxmYzRh
ZGZjYWU2YzEwHhcNMjAxMjE1MjE0MTEzWhcNMjExMjE1MjE0MTE0WjAXMRUwEwYD
VQQDDAxmYzRhZGZjYWU2YzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCA6b7o1/Nk7n1QGEnlmvG9xEY7F9adyx5KBvoLLDQDN6PIKxH5nFoJJEmh3xWG
BDWJV6+QG3qaCOLDgNzVPw8M9Ns+P9pVn+/y4Lpddel2QgoTNkUM7w1/1sm4LbbL
rcnMqYjhGwdm5ay+PvmhUOncmQN3m7x58JRRQcaDmFY3wKs61F5+dDa1AJydjrNW
2V1tJVOFEOozmxJDh0rllIzzlmacBNBK9i5pfhOt3dMoh4PdBsUqiqWFGPEYX+Vx
BmtcpHblNXfQSORVIuqx4qbti//QcFMT+DNe08TTCs9/UFwRZI/MDM1sdRge4Im3
a9u509zFJJBNh9UWwR3Bzlg5AgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAFd1tj7E
joWPXpknmMzVGiJ3+3khvXnuIMOTHMcllxrjwcbAEfZ115tVlZHw3zza1qN3kq1L
Gcg9NYCikn+ogPr542X06AgUs3KYBzHOTyubcgCGcvltNaOR+Du1LMQgr6VS5RII
m8O7eQjL/Rpbm5GOkRROT8Sr+c8jcVFJoqw84pZyKdOaFTns2GfwLbHltLucLaON
066UxGVYjBKhqeEzuEm+vn7Igrls6djGNKgH5DdmVpTzCqVyAUDEcGgRN6NOhcss
4GamIudEFQczGqVgywv0nYIHZtSvYerO82ctt+osaOnmGU+Do4tdbBhIFHbguhzT
490d7NC/yWS99RU=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:KeyDescriptor use="encryption">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>
MIICpzCCAY+gAwIBAgIBATANBgkqhkiG9w0BAQUFADAXMRUwEwYDVQQDDAxmYzRh
ZGZjYWU2YzEwHhcNMjAxMjE1MjE0MTEzWhcNMjExMjE1MjE0MTE0WjAXMRUwEwYD
VQQDDAxmYzRhZGZjYWU2YzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCA6b7o1/Nk7n1QGEnlmvG9xEY7F9adyx5KBvoLLDQDN6PIKxH5nFoJJEmh3xWG
BDWJV6+QG3qaCOLDgNzVPw8M9Ns+P9pVn+/y4Lpddel2QgoTNkUM7w1/1sm4LbbL
rcnMqYjhGwdm5ay+PvmhUOncmQN3m7x58JRRQcaDmFY3wKs61F5+dDa1AJydjrNW
2V1tJVOFEOozmxJDh0rllIzzlmacBNBK9i5pfhOt3dMoh4PdBsUqiqWFGPEYX+Vx
BmtcpHblNXfQSORVIuqx4qbti//QcFMT+DNe08TTCs9/UFwRZI/MDM1sdRge4Im3
a9u509zFJJBNh9UWwR3Bzlg5AgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAFd1tj7E
joWPXpknmMzVGiJ3+3khvXnuIMOTHMcllxrjwcbAEfZ115tVlZHw3zza1qN3kq1L
Gcg9NYCikn+ogPr542X06AgUs3KYBzHOTyubcgCGcvltNaOR+Du1LMQgr6VS5RII
m8O7eQjL/Rpbm5GOkRROT8Sr+c8jcVFJoqw84pZyKdOaFTns2GfwLbHltLucLaON
066UxGVYjBKhqeEzuEm+vn7Igrls6djGNKgH5DdmVpTzCqVyAUDEcGgRN6NOhcss
4GamIudEFQczGqVgywv0nYIHZtSvYerO82ctt+osaOnmGU+Do4tdbBhIFHbguhzT
490d7NC/yWS99RU=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:KeyDescriptor use="signing" />
<md:KeyDescriptor use="encryption" />
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://__CSPHOSTNAME__/idpui/callback?client_name=Saml2Client&amp;idplogoutrequest=true"/>
<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
Expand Down
2 changes: 1 addition & 1 deletion Workbench/idp_ui/container_files/idp_ui/application.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ shibui:
target: "file:/generated-config/shibui-metadata-providers.xml"
metadata-dir: "/generated-metadata"
beacon-enabled: true
pac4j-enabled: false
pac4j-enabled: true
pac4j:
keystorePath: "/opt/shibui/saml/samlkeystore.jks"
keystorePassword: "changeit"
Expand Down
Binary file modified Workbench/webproxy/container_files/httpd/csp_logo.jpg
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
6 changes: 3 additions & 3 deletions Workbench/webproxy/container_files/httpd/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,11 +12,11 @@ <h3>Welcome to the InCommon TAP Workbench!</h3>
<li><a href="https://__CSPHOSTNAME__/idpui/" target="TAP-WB-IDPUI">Shibboleth IdP UI (1.7.0)</a></li>
<li>Shibboleth SPs:</li>
<ul>
<li><a href="https://__CSPHOSTNAME__/grouperSSO/Shibboleth.sso/Status" target="TAP-WB-gSP">Grouper SP (3.1.0) status</a></li>
<li><a href="https://__CSPHOSTNAME__/grouperSSO/Shibboleth.sso/Status" target="TAP-WB-gSP">Grouper SP (3.2.0) status</a></li>
<li><a href="https://__CSPHOSTNAME__/MPSSO/Shibboleth.sso/Status" target="TAP-WB-mSP">midPoint SP (3.1.0) status</a></li>
<li><a href="https://__CSPHOSTNAME__/registrySSO/Shibboleth.sso/Status" target="TAP-WB-cSP">COmanage SP (3.1.0) status</a></li>
<li><a href="https://__CSPHOSTNAME__/registrySSO/Shibboleth.sso/Status" target="TAP-WB-cSP">COmanage SP (3.2.0) status</a></li>
</ul>
<li><a href="https://__CSPHOSTNAME__/grouper" target="TAP-WB-GROUPER">Grouper (2.5.37)</a></li>
<li><a href="https://__CSPHOSTNAME__/grouper" target="TAP-WB-GROUPER">Grouper (2.5.37.1)</a></li>
<li><a href="https://__CSPHOSTNAME__/midpoint" target="TAP-WB-MIDPOINT">midPoint (4.2)</a></li>
<li><a href="https://__CSPHOSTNAME__/registry" target="TAP-WB-COMANAGE">COmanage (3.3.1)</a></li>
</ul>
Expand Down

0 comments on commit d760ffa

Please sign in to comment.