
internet2/grouper-ext-auth


Grouper External Authentication Plugin

Grouper plugin that provides configurable authentication. Features include:

  • Authentication for UI

  • Multiple methods, including SAML2 and OIDC

Usage

Version 4.x

For a fully integrated sample configuration, see src/test/docker in the git repo at https://github.internet2.edu/internet2/grouper-ext-auth

  1. Add plugin to Grouper image

    COPY grouper-authentication-plugin.jar /opt/grouper/plugins

  2. Enable Plugins

    In grouper.properties, add the following properties:

    grouper.osgi.enable = true
    grouper.osgi.jar.dir = /opt/grouper/plugins
    grouper.osgi.framework.boot.delegation=org.osgi.*,javax.*,org.apache.commons.logging,edu.internet2.middleware.grouperClient.*,edu.internet2.middleware.grouper.*,org.w3c.*,org.xml.*,sun.*
    
    grouperOsgiPlugin.0.jarName = grouper-authentication-plugin.jar

    grouper.osgi.jar.dir should point to the directory you copied the file to in your image build file.

    grouperOsgiPlugin.0.jarName should be the name of the file you copied in.

  3. Configure UI

    In grouper-ui.properties, add the properties appropriate for the desired authentication method. Note that only one can be used.

    Most of the configuration for the underlying authentication library is exposed to the Grouper configuration. Any field in the Java classes can be set directly by using the field name, or through its setter by using the related property (setting attribute=value will call setAttribute(value)).

    1. SAML2

      For SAML2, for example:

      external.authentication.provider = saml
      external.authentication.saml.identityProviderEntityId = https://idp.unicon.local/idp/shibboleth
      external.authentication.saml.serviceProviderEntityId = http://localhost:8080/grouper
      external.authentication.saml.serviceProviderMetadataPath = file:/opt/grouper/sp-metadata.xml
      external.authentication.saml.identityProviderMetadataPath = file:/opt/grouper/idp-metadata.xml
      external.authentication.saml.keystorePath = file:/opt/grouper/here.key
      external.authentication.saml.keystorePassword = testme
      external.authentication.saml.privateKeyPassword = testme
      external.authentication.saml.attributeAsId = urn:oid:0.9.2342.19200300.100.1.1

    2. OIDC

      For OIDC, for example:

      external.authentication.provider = oidc
      external.authentication.oidc.clientId = *****
      external.authentication.oidc.discoveryURI = https://unicon.okta.com/.well-known/openid-configuration
      external.authentication.oidc.secret = *****
      external.authentication.oidc.claimAsUsername = preferred_username
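
A pre-deployment check for the step 3 properties, added here as an example; it is not part of the plugin or this repository. It assumes a simplified .properties syntax (no line continuations or escapes), treats the sample values shown above (testme, *****) as placeholders that must be replaced, and uses hypothetical function names (parse_properties, lint).

```python
import re

PREFIX = "external.authentication."
# Values shown in the README samples; treated here as placeholders.
SAMPLE_SECRETS = {"testme", "*****"}
SECRET_KEY = re.compile(r"(password|secret)$", re.IGNORECASE)

def parse_properties(text):
    """Simplified .properties parser (assumption: no continuations or escapes)."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        m = re.match(r"([^=:\s]+)\s*[=:]?\s*(.*)", line)
        if m:
            props[m.group(1)] = m.group(2)
    return props

def lint(text):
    """Return findings for the external.authentication.* keys in text."""
    props = {k[len(PREFIX):]: v for k, v in parse_properties(text).items()
             if k.startswith(PREFIX)}
    provider = props.get("provider")
    findings = [] if provider else ["provider: not set"]
    for key, value in sorted(props.items()):
        if key == "provider":
            continue
        section = key.split(".", 1)[0]
        if provider and section != provider:
            findings.append(f"{key}: provider is '{provider}', key is for another provider")
        if SECRET_KEY.search(key) and value in SAMPLE_SECRETS:
            findings.append(f"{key}: README sample value left in place")
        if key.endswith("discoveryURI") and not value.startswith("https://"):
            findings.append(f"{key}: discovery document not fetched over https")
    return findings

# Constructed input modeled on the README snippets, not a real deployment.
SAMPLE = """\
external.authentication.provider = saml
external.authentication.saml.keystorePath = file:/opt/grouper/here.key
external.authentication.saml.keystorePassword = testme
external.authentication.saml.privateKeyPassword = constructed-example-value
external.authentication.oidc.discoveryURI = http://idp.example.org/.well-known/openid-configuration
external.authentication.oidc.secret = *****
"""

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(finding)
```

Run it against the grouper-ui.properties that goes into the image, and fail the build when lint returns any findings.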

Version 5.x+

TODO

More Information

If assistance is needed (e.g., bugs, errors, configuration samples), feel free to open a ticket in the GitHub repository or ask on the Slack channel.