replace references to saml settings.yml

pull/10296/head
ulferts 3 years ago
parent 17d9d1d76e
commit eb263eaa17
No known key found for this signature in database
GPG Key ID: A205708DE1284017
  1. 35
      docs/development/saml/README.md
  2. 24
      docs/system-admin-guide/authentication/saml/README.md

@ -111,27 +111,28 @@ On the OpenProject side, you'll have to configure SAML to connect to the just st
Here's a minimal configuration that you can put into `config/plugins/auth_saml/settings.yml`
Here's a minimal configuration that you can put into `config/configuration.yml`
```yaml
saml:
name: "saml"
display_name: "simplesaml-docker"
# Use the default SAML icon
icon: "auth_provider-saml.png"
# omniauth-saml config
assertion_consumer_service_url: "http://localhost:3000/auth/saml/callback"
issuer: "http://localhost:3000"
idp_cert_fingerprint: "119b9e027959cdb7c662cfd075d9e2ef384e445f"
idp_sso_target_url: "http://localhost:8080/simplesaml/saml2/idp/SSOService.php"
idp_slo_target_url: "http://localhost:8080/simplesaml/saml2/idp/SingleLogoutService.php"
attribute_statements:
email: ['email']
login: ['uid']
first_name: ['givenName']
last_name: ['sn']
default:
saml:
name: "saml"
display_name: "simplesaml-docker"
# Use the default SAML icon
icon: "auth_provider-saml.png"
# omniauth-saml config
assertion_consumer_service_url: "http://localhost:3000/auth/saml/callback"
issuer: "http://localhost:3000"
idp_cert_fingerprint: "119b9e027959cdb7c662cfd075d9e2ef384e445f"
idp_sso_target_url: "http://localhost:8080/simplesaml/saml2/idp/SSOService.php"
idp_slo_target_url: "http://localhost:8080/simplesaml/saml2/idp/SingleLogoutService.php"
attribute_statements:
email: ['email']
login: ['uid']
first_name: ['givenName']
last_name: ['sn']
```

@ -19,7 +19,7 @@ You can integrate your active directory or other SAML compliant identity provide
The configuration can be provided in one of two ways:
* `config/plugins/auth_saml/settings.yml` file (1.1)
* `config/configuration.yml` file (1.1)
* Environment variables (1.2)
@ -30,23 +30,19 @@ The configuration can be provided in one of two ways:
Whatever means are chosen, the plugin simply passes all options to omniauth-saml. See [their configuration
documentation](https://github.com/omniauth/omniauth-saml#usage) for further details.
The options are mutually exclusive. I.e. if settings are already provided via ENV variables, settings in a `settings.yml` file will be ignored. If you decide to save settings in the database, they will override any ENV variables you might have set.
The options are mutually exclusive. I.e. if settings are already provided via ENV variables, they will overwrite settings in a `configuration.yml` file.
If you decide to save settings in the database, they will override any ENV variables you might have set.
#### 1.1 config/plugins/auth_saml/settings.yml file
#### 1.1 config/configuration.yml file
You need to create the folder `plugins` and `auth_saml` first. You can do that with the following command
In your OpenProject packaged installation, you can modify the `/opt/openproject/config/configuration.yml` file.
Edit the file in your favorite editor
```
mkdir -p /opt/openproject/config/plugins/auth_saml
vim /opt/openproject/config/configuration.yml
```
and then edit the file in your favorite editor
```
vim /opt/openproject/config/plugins/auth_saml/settings.yml
```
In your OpenProject packaged installation, you can modify the `/opt/openproject/config/plugins/auth_saml/settings.yml` file. This will contains the complete OpenProject configuration and can be extended to also contain metadata settings and connection details for your SSO identity provider.
This will contains the complete OpenProject configuration and can be extended to also contain metadata settings and connection details for your SSO identity provider.
The following is an exemplary file with a set of common settings:
@ -87,7 +83,7 @@ saml:
last_name: ['sn']
```
Be sure to choose the correct indentation and base key. The items below the `saml` key should be indented two spaces. You will get an YAML parsing error otherwise when trying to start OpenProject.
Be sure to choose the correct indentation and base key. The items below the `saml` key should be indented two spaces more than `saml` already is. And `saml` can will need to be placed in the `default` or `production` group so it will already be indented. You will get an YAML parsing error otherwise when trying to start OpenProject.
#### 1.2 Environment variables
@ -122,7 +118,7 @@ That means it's best to set them using the console.
> docker-compose run --rm web bundle exec rails console
```
Once on the console you can set the same values as named in the `settings.yml` file, however they need to be nested within a 'providers' key as follows.
Once on the console you can set the same values as named in the `configuration.yml` file, however they need to be nested within a 'providers' key as follows.
For example:
```ruby

Loading…
Cancel
Save