Diffstat (limited to 'asgard')
| -rw-r--r-- | asgard/settings.d/10-apps.conf | 1 | ||||
| -rw-r--r-- | asgard/settings.d/20-saml.conf | 84 | ||||
| -rw-r--r-- | asgard/venv.conf | 5 |
3 files changed, 14 insertions, 76 deletions
diff --git a/asgard/settings.d/10-apps.conf b/asgard/settings.d/10-apps.conf
index e0ccd0f..5b5efc9 100644
--- a/asgard/settings.d/10-apps.conf
+++ b/asgard/settings.d/10-apps.conf
@@ -12,5 +12,4 @@ INSTALLED_APPS += [
 'coip.apps.saml2',
 'coip.apps.resource',
 'coip.apps.scim',
- 'coip.apps.services'
 ]
diff --git a/asgard/settings.d/20-saml.conf b/asgard/settings.d/20-saml.conf
index 833c21f..3d02fa4 100644
--- a/asgard/settings.d/20-saml.conf
+++ b/asgard/settings.d/20-saml.conf
@@ -1,81 +1,17 @@
-
 from django.conf import settings
 from saml2 import BINDING_HTTP_POST, BINDING_HTTP_REDIRECT
-METADATA = 'http://md.swamid.se/md/swamid-1.0.xml'
+SAML_METADATA_FILE = "/var/run/swamid-idp-transitive.xml"
+SAML_CREATE_UNKNOWN_USER = True
+SAML_CONFIG_LOADER = "coip.apps.auth.asgard_sp_config"
 AUTH_PROFILE_MODULE = 'userprofile.UserProfile'
-#SAML_KEY = "/etc/ssl/private/ssl-cert-snakeoil.key"
-#SAML_CERT = "/etc/ssl/certs/ssl-cert-snakeoil.pem"
-
-SAML_ATTRIBUTE_MAPPING = {
- 'eduPersonPrincipalName': 'username',
- 'mail': 'email',
- 'givenName': 'first_name',
- 'sn': 'last_name',
-}
-
 LOGIN_URL = '/saml2/sp/login/'
 SESSION_EXPIRE_AT_BROWSER_CLOSE = True
-
-def asgard_sp_config(request=None):
- host = "localhost"
- if request != None:
- host = request.get_host().replace(":","-")
- return {
- # your entity id, usually your subdomain plus the url to the metadata view
- 'entityid': 'https://coip.app.nordu.net/saml2/sp/metadata',
- # directory with attribute mapping
- "attribute_map_dir" : "%s/saml2/attributemaps" % settings.BASE_DIR,
- # this block states what services we provide
- 'service': {
- # we are just a lonely SP
- 'sp' : {
- 'name': 'COIP',
- 'endpoints': {
- # url and binding to the assertion consumer service view
- # do not change the binding osettingsr service name
- 'assertion_consumer_service': [
- ('https://coip.app.nordu.net/saml2/sp/acs/',
- BINDING_HTTP_POST),
- ],
- # url and binding to the single logout service view
- # do not change the binding or service name
- 'single_logout_service': [
- ('https://coip.app.nordu.net/saml2/sp/ls/',
- BINDING_HTTP_REDIRECT),
- ],
- },
- # attributes that this project need to identify a user
- 'required_attributes': ['eduPersonPrincipalName','displayName'],
- # attributes that may be useful to have but not required
- 'optional_attributes': ['eduPersonAffiliation'],
- }
- },
-
- # where the remote metadata is stored
- 'metadata': { 'local': ['/tmp/swamid-idp.xml'] },
-
- # set to 1 to output debugging information
- 'debug': 1,
-
- # certificate
- "key_file" : "%s/%s.key" % (settings.SSL_KEY_DIR,host),
- "cert_file" : "%s/%s.crt" % (settings.SSL_CRT_DIR,host),
- # own metadata settings
- 'contact_person': [
- {'given_name': 'Leif',
- 'sur_name': 'Johansson',
- 'company': 'NORDUnet',
- 'email_address': 'leifj@nordu.net',
- 'contact_type': 'technical'},
- ],
- # you can set multilanguage information here
- 'organization': {
- 'name': [('NORDUNet', 'en')],
- 'display_name': [('NORDUnet A/S', 'en')],
- 'url': [('http://www.nordu.net', 'en')],
- },
- 'valid_for': 24, # how long is our metadata valid
+SAML_ATTRIBUTE_MAPPING = {
+ 'username': ['eduPersonPrincipalName'],
+ 'first_name': ['givenName'],
+ 'last_name': ['sn'],
+ 'display_name': ['displayName','cn']
 }
-
-SAML_CONFIG_GENERATOR = asgard_sp_config
\ No newline at end of file
+#AUTHENTICATION_BACKENDS += ['coip.apps.utils.saml.TargetedUsernameSamlBackend']
+AUTO_REMOTE_SUPERUSERS = ['leifj@nordu.net']
\ No newline at end of file
diff --git a/asgard/venv.conf b/asgard/venv.conf
index f62501f..112c997 100644
--- a/asgard/venv.conf
+++ b/asgard/venv.conf
@@ -1,4 +1,4 @@
-django==1.3.1
+django==1.4.1
 Werkzeug==0.6.2
 anyjson==0.3.1
 celery==2.3.3
@@ -8,6 +8,7 @@ django-form-utils==0.2.0
 git+git://github.com/leifj/django-oauth2-lite.git
 https://launchpad.net/pysaml2/main/0.4.2/+download/pysaml2-0.4.2.tar.gz
 django-tagging==0.3.1
+djangosaml2==0.6.1
 httplib2==0.6.0
 importlib==1.0.2
 lxml==2.3
@@ -27,3 +28,5 @@ django-activity-stream==0.3.9
 python-memcached
 hg+https://bitbucket.org/leifj/djangosaml2
 iso8601
+django-taggit==0.9.3
+django-tastypie==0.9.11
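Review bot: `AUTO_REMOTE_SUPERUSERS = ['leifj@nordu.net']` on the last added line of 20-saml.conf ties superuser status to a federated identifier, while the same hunk sets `SAML_CREATE_UNKNOWN_USER = True` and maps `username` from `eduPersonPrincipalName`, with `SAML_METADATA_FILE` pointing at what looks like a multi-IdP federation feed. Unless the backend or the loader in `coip.apps.auth` (neither visible in this diff) checks that the asserting IdP is authoritative for the `nordu.net` scope, any IdP in that metadata releasing this value would presumably yield an auto-created superuser. I would ship `AUTO_REMOTE_SUPERUSERS = []` in the shared settings and grant the flag per deployment, or at least record the dependency next to the setting: `# superuser by ePPN: only safe if the SAML backend enforces the IdP scope for nordu.net`. Separately, the `'mail': 'email'` mapping is dropped from `SAML_ATTRIBUTE_MAPPING`, so newly created accounts get no e-mail address unless it is set elsewhere.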
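Review bot: The second venv.conf hunk adds `djangosaml2==0.6.1` while the context of the last hunk still lists `hg+https://bitbucket.org/leifj/djangosaml2`, so the file names two sources for the same authentication library, and which copy ends up installed depends on how pip processes the pair. Keep exactly one of them: either drop the `hg+https` line, or, if the fork is still required, pin it to a revision, e.g. `hg+https://bitbucket.org/leifj/djangosaml2@<REVISION>` (placeholder), and remove the `==0.6.1` entry. It is also worth confirming that the new djangosaml2 release works with the pinned `pysaml2-0.4.2` tarball, since the login path depends on both.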
\ No newline at end of file |
