From 89cdabb24a311e429d6acca4c3b19357af221ad4 Mon Sep 17 00:00:00 2001
From: Henrik Lund Kramshoej
Date: Tue, 11 Jul 2017 11:27:53 +0200
Subject: Added the right LDAP settings, works now with my password
---
 apache-sp/Dockerfile | 1 +
 apache-sp/nordunet.png | Bin 0 -> 20823 bytes
 apache-sp/shibd/shibboleth2.xml | 2 +-
 conf-from-container/shell.sh | 2 +-
 nordu-ldap.properties | 12 ++++++------
 template-config/attribute-resolver.xml | 8 ++++++++
 6 files changed, 17 insertions(+), 8 deletions(-)
 create mode 100644 apache-sp/nordunet.png
diff --git a/apache-sp/Dockerfile b/apache-sp/Dockerfile
index 51cc408..27f5013 100644
--- a/apache-sp/Dockerfile
+++ b/apache-sp/Dockerfile
@@ -10,6 +10,7 @@ ADD apache-conf/*.conf /etc/apache2/sites-available/
 ADD shibd/shibboleth2.xml /etc/shibboleth/
 ADD secure /var/www/secure
 ADD entrypoint.sh /entrypoint.sh
+ADD nordunet.png /usr/share/shibboleth/nordunet.png
 RUN chmod a+rx /entrypoint.sh
 EXPOSE 443
 EXPOSE 80
diff --git a/apache-sp/nordunet.png b/apache-sp/nordunet.png
new file mode 100644
index 0000000..9948f66
Binary files /dev/null and b/apache-sp/nordunet.png differ
diff --git a/apache-sp/shibd/shibboleth2.xml b/apache-sp/shibd/shibboleth2.xml
index c6a759f..e428170 100644
--- a/apache-sp/shibd/shibboleth2.xml
+++ b/apache-sp/shibd/shibboleth2.xml
@@ -25,7 +25,7 @@ + helpLocation="/about" logoLocation="/shibboleth-sp/nordunet.png" />
diff --git a/conf-from-container/shell.sh b/conf-from-container/shell.sh
index 182d4c1..e6f21d8 100644
--- a/conf-from-container/shell.sh
+++ b/conf-from-container/shell.sh
@@ -1 +1 @@
-docker exec -ti `docker ps | cut -f 1 -d ' ' | grep -v "CONTAINER"` bash
+docker exec -ti `docker ps | grep shibboleth-docker | cut -f 1 -d ' ' ` bash
diff --git a/nordu-ldap.properties b/nordu-ldap.properties
index dd43f21..d265541 100644
--- a/nordu-ldap.properties
+++ b/nordu-ldap.properties
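Review bot: In conf-from-container/shell.sh the new `grep shibboleth-docker` filter still passes whatever `docker ps` prints straight into `docker exec`, so no match gives a usage error and several matches give extra IDs that are parsed as the command to run. Letting Docker do the selection is sturdier: `docker exec -ti "$(docker ps -q --filter ancestor=shibboleth-docker | head -n 1)" bash`, assuming `shibboleth-docker` is the image name (use `--filter name=` if it is the container name). A one-line comment saying which container the script targets would also help, since the grep currently matches the string in any column of the `docker ps` output.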
@@ -1,10 +1,10 @@
 idp.authn.LDAP.ldapURL=ldaps://ldap.nordu.net
-idp.authn.LDAP.authenticator = bindSearchAuthenticator
-idp.authn.LDAP.useStartTLS = true
-idp.authn.LDAP.useSSL = false
-idp.authn.LDAP.sslConfig = certificateTrust
+idp.authn.LDAP.authenticator = anonSearchAuthenticator
+idp.authn.LDAP.useStartTLS = false
+idp.authn.LDAP.useSSL = true
+idp.authn.LDAP.sslConfig = jvmTrust
 #idp.authn.LDAP.trustCertificates = %{idp.home}/credentials/ldap-server.crt
-idp.authn.LDAP.baseDN = dc=nordu,dc=net
-idp.authn.LDAP.userFilter = (uid=$requestContext.principalName)
+idp.authn.LDAP.baseDN = ou=People,dc=nordu,dc=net
+#idp.authn.LDAP.userFilter = (uid=$requestContext.principalName)
 idp.authn.LDAP.bindDN = dc=nordu,dc=net
 idp.authn.LDAP.bindDNCredential = blahblah
diff --git a/template-config/attribute-resolver.xml b/template-config/attribute-resolver.xml
index 30627d5..a3f7de2 100644
--- a/template-config/attribute-resolver.xml
+++ b/template-config/attribute-resolver.xml
@@ -79,6 +79,14 @@ %{idp.attribute.resolver.LDAP.searchFilter} ]]> +
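Review bot: In nordu-ldap.properties, `idp.authn.LDAP.authenticator = anonSearchAuthenticator` makes the IdP look up the user's DN with an unauthenticated search, so login now depends on ldap.nordu.net allowing anonymous searches under `ou=People`. As far as I know the `bindDN` / `bindDNCredential` context lines at the end of the hunk are then unused, yet a placeholder credential stays in a tracked file. If a service account exists, `bindSearchAuthenticator` with the credential supplied from outside the repository is the tighter setup; otherwise drop the two unused lines. `idp.authn.LDAP.sslConfig = jvmTrust` takes trust from the JVM default trust store instead of a pinned certificate (the `trustCertificates` line stays commented out), which deserves a comment such as `# jvmTrust: relies on the JVM default CA set; switch to certificateTrust + trustCertificates if the LDAP CA is private`. The commented-out `userFilter` presumably falls back to the IdP's built-in default filter, and a short comment saying so would save the next reader a lookup.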