diff --git a/Workbench/docker-compose.yml b/Workbench/docker-compose.yml index d1aaa3b..b3d8bbe 100644 --- a/Workbench/docker-compose.yml +++ b/Workbench/docker-compose.yml @@ -224,10 +224,8 @@ services: environment: - CREATE_NEW_DATABASE=if_needed - - data_init: - image: i2incommon/midpoint:4.4 + image: i2incommon/midpoint:4.5 command: > bash -c " chmod 777 /opt/mp-pw/ ; @@ -390,28 +388,27 @@ services: volumes: - generated-metadata:/generated-metadata - generated-config:/generated-config - + idp_ui_data: - image: tier/mariadb:mariadb10.2 - ports: - - 33366:3306 + image: postgres environment: - MYSQL_USER: shibui - MYSQL_PASSWORD: secret - MYSQL_DATABASE: shibui - MYSQL_RANDOM_ROOT_PASSWORD: "yes" + POSTGRES_USER: shibui + POSTGRES_PASSWORD: secret + POSTGRES_DB: shibui networks: net: aliases: - idpui-data + ports: + - 15432:5432 healthcheck: - test: curl -s 127.0.0.1:3306 + test: /usr/bin/pg_isready interval: 30s timeout: 30s retries: 3 volumes: - - mariadb-data:/var/lib/mysql - + - idpui_data:/var/lib/postgresql/data + mq: build: ./mq/ environment: @@ -437,8 +434,6 @@ services: - CSPHOSTNAME networks: - net - depends_on: - - idp_ui_api ports: - 443:443 @@ -584,3 +579,4 @@ volumes: generated-config: generated-metadata: mariadb-data: + idpui_data: diff --git a/Workbench/grouper_daemon/Dockerfile b/Workbench/grouper_daemon/Dockerfile index d4e9f17..ed2aac3 100644 --- a/Workbench/grouper_daemon/Dockerfile +++ b/Workbench/grouper_daemon/Dockerfile @@ -1,4 +1,4 @@ -FROM i2incommon/grouper:2.6.0 +FROM i2incommon/grouper:2.6.16 LABEL author="tier-packaging@internet2.edu " diff --git a/Workbench/grouper_data/Dockerfile b/Workbench/grouper_data/Dockerfile index 877b492..5a548cc 100644 --- a/Workbench/grouper_data/Dockerfile +++ b/Workbench/grouper_data/Dockerfile @@ -1,4 +1,4 @@ -FROM i2incommon/grouper:2.6.0 +FROM i2incommon/grouper:2.6.16 LABEL author="tier-packaging@internet2.edu " 
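Review bot: In the `@@ -390,28 +388,27 @@` hunk the new `idp_ui_data` service publishes PostgreSQL on the host with `ports: - 15432:5432` while `POSTGRES_PASSWORD: secret` is a fixed, guessable value, so anything that can reach the Docker host can log in as `shibui`. The application configs in this commit connect through the `idpui-data` network alias, so the mapping looks unnecessary; drop it or bind it to loopback with `- "127.0.0.1:15432:5432"`. `image: postgres` carries no tag, so a later pull can bring a different major version whose data directory is incompatible with the `idpui_data` volume; pin a specific tag (ideally with a digest) as the other images here are pinned. The `mariadb-data` volume is still declared in the last hunk although this service no longer mounts it; remove it if nothing else in the file uses it.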
diff --git a/Workbench/grouper_ui/Dockerfile b/Workbench/grouper_ui/Dockerfile index bedda8a..1b08601 100644 --- a/Workbench/grouper_ui/Dockerfile +++ b/Workbench/grouper_ui/Dockerfile @@ -1,4 +1,4 @@ -FROM i2incommon/grouper:2.6.0 +FROM i2incommon/grouper:2.6.16 LABEL author="tier-packaging@internet2.edu " diff --git a/Workbench/grouper_ws/Dockerfile b/Workbench/grouper_ws/Dockerfile index 61cfc90..c0613a6 100644 --- a/Workbench/grouper_ws/Dockerfile +++ b/Workbench/grouper_ws/Dockerfile @@ -1,4 +1,4 @@ -FROM i2incommon/grouper:2.6.0 +FROM i2incommon/grouper:2.6.16 LABEL author="tier-packaging@internet2.edu " diff --git a/Workbench/idp_ui/Dockerfile b/Workbench/idp_ui/Dockerfile index 2f449e3..9c8bf86 100644 --- a/Workbench/idp_ui/Dockerfile +++ b/Workbench/idp_ui/Dockerfile @@ -1,4 +1,4 @@ -FROM i2incommon/shib-idp-ui:1.9.2 +FROM i2incommon/shib-idp-ui:1.13.2 ARG CSPHOSTNAME=localhost ENV CSPHOSTNAME=$CSPHOSTNAME diff --git a/Workbench/idp_ui/container_files/idp_ui/application.yml b/Workbench/idp_ui/container_files/idp_ui/application.yml index cf04975..e5ccd7f 100644 --- a/Workbench/idp_ui/container_files/idp_ui/application.yml +++ b/Workbench/idp_ui/container_files/idp_ui/application.yml @@ -35,14 +35,15 @@ shibui: email: urn:oid:0.9.2342.19200300.100.1.3 spring: datasource: + platform: postgres + driver-class-name: org.postgresql.Driver + url: jdbc:postgresql://idpui-data:5432/shibui username: shibui password: secret - url: jdbc:mariadb://idpui-data:3306/shibui - driverClassName: org.mariadb.jdbc.Driver - platform: mariadb jpa: - database-platform: org.hibernate.dialect.MariaDBDialect - hibernate: - ddl-auto: update + show-sql: false + properties: + hibernate: + dialect: org.hibernate.dialect.PostgreSQL95Dialect + format_sql: true - diff --git a/Workbench/idp_ui_api/Dockerfile b/Workbench/idp_ui_api/Dockerfile index 83f88d3..5eb3e5b 100644 --- a/Workbench/idp_ui_api/Dockerfile +++ b/Workbench/idp_ui_api/Dockerfile 
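Review bot: Removing `hibernate: ddl-auto: update` from the `jpa` block of Workbench/idp_ui/container_files/idp_ui/application.yml leaves schema creation to whatever the shib-idp-ui image defaults to, and the same commit starts the database on a new, empty `idpui_data` volume. If the 1.13.2 image does not create its own tables the UI will fail on first start, so confirm that or state the intended setting explicitly. `format_sql: true` only affects logged SQL, which `show-sql: false` turns off unless a SQL logger is enabled elsewhere, so one of the two is probably redundant. The datasource password stays the literal `secret` and has to match `POSTGRES_PASSWORD` in docker-compose.yml; reading it from the environment, e.g. `password: ${DB_PASSWORD}` (placeholder variable name), would keep it out of the image layer and in one place. The same points apply to the identical hunk in Workbench/idp_ui_api/container_files/idp_ui/application.yml.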
@@ -1,4 +1,4 @@ -FROM i2incommon/shib-idp-ui:1.9.2 +FROM i2incommon/shib-idp-ui:1.13.2 ARG CSPHOSTNAME=localhost ENV CSPHOSTNAME=$CSPHOSTNAME @@ -7,12 +7,4 @@ COPY container_files/idp_ui/application.yml /opt/shibui/ COPY container_files/idp_ui/shibui-test.p12 /opt/shibui/ COPY container_files/idp_ui/users.txt /opt/shibui/ -#RUN mkdir -p /opt/shibui/saml/ -##COPY container_files/idp_ui/samlkeystore.jks /opt/shibui/saml/ -#COPY container_files/idp_ui/idp-metadata.xml /opt/shibui/saml/ - -#COPY container_files/system/setservername.sh /usr/local/bin/ -#RUN chmod 755 /usr/local/bin/setservername.sh -#RUN /usr/local/bin/setservername.sh - EXPOSE 8443 diff --git a/Workbench/idp_ui_api/container_files/idp_ui/application.yml b/Workbench/idp_ui_api/container_files/idp_ui/application.yml index de6eb0b..f249ed8 100644 --- a/Workbench/idp_ui_api/container_files/idp_ui/application.yml +++ b/Workbench/idp_ui_api/container_files/idp_ui/application.yml @@ -23,14 +23,15 @@ shibui: authentication-header: IDPUI_API_KEY spring: datasource: + platform: postgres + driver-class-name: org.postgresql.Driver + url: jdbc:postgresql://idpui-data:5432/shibui username: shibui password: secret - url: jdbc:mariadb://idpui-data:3306/shibui - driverClassName: org.mariadb.jdbc.Driver - platform: mariadb jpa: - database-platform: org.hibernate.dialect.MariaDBDialect - hibernate: - ddl-auto: update + show-sql: false + properties: + hibernate: + dialect: org.hibernate.dialect.PostgreSQL95Dialect + format_sql: true - diff --git a/Workbench/midpoint_server/Dockerfile b/Workbench/midpoint_server/Dockerfile index dadd9da..e482e0a 100644 --- a/Workbench/midpoint_server/Dockerfile +++ b/Workbench/midpoint_server/Dockerfile @@ -1,4 +1,4 @@ -FROM i2incommon/midpoint:4.4 +FROM i2incommon/midpoint:4.5 ARG CSPHOSTNAME=localhost ENV CSPHOSTNAME=$CSPHOSTNAME 
diff --git a/Workbench/midpoint_server/container_files/mp-home/lib/mariadb-java-client-3.0.6.jar b/Workbench/midpoint_server/container_files/mp-home/lib/mariadb-java-client-3.0.6.jar new file mode 100644 index 0000000..162c510 Binary files /dev/null and b/Workbench/midpoint_server/container_files/mp-home/lib/mariadb-java-client-3.0.6.jar differ diff --git a/Workbench/midpoint_server/container_files/mp-home/lib/mysql-connector-java-8.0.30.jar b/Workbench/midpoint_server/container_files/mp-home/lib/mysql-connector-java-8.0.30.jar new file mode 100644 index 0000000..92ebe1b Binary files /dev/null and b/Workbench/midpoint_server/container_files/mp-home/lib/mysql-connector-java-8.0.30.jar differ diff --git a/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/securityPolicy/000-security-policy.xml b/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/securityPolicy/000-security-policy.xml index 372d41c..3570a5b 100644 --- a/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/securityPolicy/000-security-policy.xml +++ b/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/securityPolicy/000-security-policy.xml @@ -1,8 +1,8 @@ - + xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3" + xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3"> + Default Security Policy 
@@ -17,55 +17,35 @@ mySamlSso My internal enterprise SAML-based SSO system. - - 10000 - 5000 - midpointdemo-shibboleth true - true - true - urn:oasis:names:tc:SAML:2.0:nameid-format:transient - - /etc/pki/mp/sp-shibboleth-keys.jks - - changeit - - signing-key - - password - - - - /etc/pki/mp/sp-shibboleth-keys.jks - - changeit - - encrypt-key - - password - - encryption - + + /etc/pki/mp/sp-shibboleth-keys.jks + + changeit + + signing-key + + password + + - - https://idptestbed/idp/shibboleth - idp-shibboleth + + https://idptestbed/idp/shibboleth /etc/shibboleth/idp-metadata.xml - true Shibboleth urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST uid - + httpHeader - https://__CSPHOSTNAME__/MPSSO/Shibboleth.sso/Logout + https://__CSPHOSTNAME__/MPSSO/Shibboleth.sso/Logout REMOTE_USER @@ -99,7 +79,7 @@ internalLoginForm - 40 + 30 sufficient @@ -151,8 +131,8 @@ sufficient - /actuator - /actuator/health + /actuator + /actuator/health @@ -166,4 +146,4 @@ - \ No newline at end of file + diff --git a/Workbench/webproxy/container_files/httpd/index.html b/Workbench/webproxy/container_files/httpd/index.html index fa33d39..2852de7 100644 --- a/Workbench/webproxy/container_files/httpd/index.html +++ b/Workbench/webproxy/container_files/httpd/index.html @@ -9,10 +9,10 @@
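Review bot: The rewritten key block in the `@@ -17,55 +17,35 @@` hunk keeps the keystore password `changeit` and the key password `password` in clear text next to `/etc/pki/mp/sp-shibboleth-keys.jks`, so anyone who can read this policy object or the repository can use the SP signing key wherever that keystore is deployed. The element markup is stripped on this page, so the rest is inferred from the values alone: the `encrypt-key` entry, several `true` flags and the `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` value are removed and only `signing-key` remains. If those were the encryption key and the signing or validation switches, the SP can no longer decrypt assertions and may accept or send unsigned messages. Confirm against the midPoint 4.5 schema that this is intended, and add an XML comment above the key block stating that these are Workbench demo credentials that must be replaced in any other deployment.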

Welcome to the InCommon TAP Workbench!

The system contains the following TAP components (click the links to access each component in its own tab):
@@ -34,10 +34,10 @@

Welcome to the InCommon TAP Workbench!

  • Shibboleth IdP (4.2.1) status
  • Shibboleth SPs:



  • diff --git a/Workbench/webproxy/container_files/system/startWithMDLoad.sh b/Workbench/webproxy/container_files/system/startWithMDLoad.sh index 1300403..0e158da 100755 --- a/Workbench/webproxy/container_files/system/startWithMDLoad.sh +++ b/Workbench/webproxy/container_files/system/startWithMDLoad.sh @@ -3,7 +3,7 @@ #wait for IdPUI's API, then load metadata into it pushd /mdload -./wait-for-it.sh -t 0 idp_ui_api:8443 -- ./loadMD.sh GrouperSP /mdload/grouper-sp.xml 60 && \ +./wait-for-it.sh -t 0 idp_ui_api:8443 -- ./loadMD.sh GrouperSP /mdload/grouper-sp.xml 90 && \ ./loadMD.sh midPointSP /mdload/midpoint-sp.xml 0 && \ ./loadMD.sh ProxySP /mdload/proxy-sp.xml 0 && \ ./loadMD.sh WordPressSP /mdload/wordpress-sp.xml 0 && \