test saml idp #6
Description
This charm will set up a dummy PHP-based IdP using the SimpleSAMLphp project. This is NOT recommended for production use. It should be used only for testing purposes.
SimpleSAMLphp Juju Charm
This Juju charm will configure a local SAML-based IDP instance using the SimpleSAMLphp project.
Deployment
The charm can be deployed with:
juju deploy cs:~ionutbalutoiu/test-saml-idp
After it is deployed, it will stay in blocked state with the message:
sp-metadata resource is not a well-formed xml file
until a valid XML SP metadata file is attached via:
juju attach-resource test-saml-idp sp-metadata=./sp-metadata.xml
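A pre-flight check that can be run on sp-metadata.xml before attaching it, as an added example that is not part of the charm. The charm's message only mentions well-formedness; the extra checks for an SPSSODescriptor and an AssertionConsumerService are assumptions about what a usable SAML 2.0 SP metadata file contains, and check_sp_metadata and the sample values are hypothetical.

```python
import sys
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"  # SAML 2.0 metadata namespace

def check_sp_metadata(xml_data):
    """Return a list of problems; an empty list means the file looks usable."""
    try:
        root = ET.fromstring(xml_data)
    except ET.ParseError as exc:
        # The condition the charm reports in its blocked-state message.
        return [f"not well-formed XML: {exc}"]
    if root.tag != MD + "EntityDescriptor":
        return [f"root element is {root.tag!r}, expected md:EntityDescriptor"]
    problems = []
    if not root.get("entityID"):
        problems.append("EntityDescriptor has no entityID")
    sp = root.find(MD + "SPSSODescriptor")
    if sp is None:
        return problems + ["no SPSSODescriptor (is this IdP metadata instead?)"]
    acs = sp.findall(MD + "AssertionConsumerService")
    if not acs:
        problems.append("SPSSODescriptor has no AssertionConsumerService")
    for svc in acs:
        if not svc.get("Binding") or not svc.get("Location"):
            problems.append("AssertionConsumerService missing Binding or Location")
    return problems

# Constructed sample SP metadata (hostnames are placeholders).
SAMPLE_OK = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://sp.example.test/mellon/metadata">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sp.example.test/mellon/postResponse"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""
SAMPLE_TRUNCATED = SAMPLE_OK[:200]  # constructed: cut off mid-document

if __name__ == "__main__":
    # Usage: python check_sp_metadata.py ./sp-metadata.xml
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_OK
    issues = check_sp_metadata(data)
    for issue in issues:
        print("FAIL:", issue)
    sys.exit(1 if issues else 0)
```

The script exits non-zero when any problem is found, so it can gate the attach-resource step in a deployment script.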
The charm has a Juju action, called get-idp-metadata, used to fetch the IdP metadata.xml. This needs to be exchanged with the SP.
For example, the IdP metadata.xml can be used in conjunction with the keystone-saml-mellon charm, and it can be attached as a resource:
juju attach-resource keystone-saml-mellon idp-metadata=./idp-metadata.xml
The IdP web interface can be accessed at http://<UNIT_ADDRESS>/simplesaml.
For authentication, there is a fixed set of user/password credentials defined in the charm config via auth-user-name and auth-user-password. Alternatively, you can use the default admin user with the password given in the charm config as admin-password.
Configuration
- admin-password
  - (string) The default admin user password.
  - Default: Password123!
- auth-user-name
  - (string) The auth user name.
  - Default: user1
- auth-user-password
  - (string) The auth user password.
  - Default: user1pass
- http-port
  - (int) The IdP HTTP port.
  - Default: 80
- https-port
  - (int) The IdP HTTPS port.
  - Default: 443
- idp-name
  - (string) Identity provider name to use for URL generation. Must match the one that will be configured via OS-FEDERATION API.
  - Default: myidp
- protocol-name
  - (string) Protocol name to use for URL generation. Must match the one that will be configured via OS-FEDERATION API.
  - Default: mapped
- simple-saml-php-version
  - (string) The release version of SimpleSAMLphp.
  - Default: 1.18.8