Menu
▾
▴
Re: [Unity-idm-discuss] configure authentication with singleAuthn from saml federation
|
From: Roman K. <ro...@un...> - 2023-08-08 14:51:05
|
Hi Sander,
Sorry to be long in my reply, the answer to your question is YES, it is
possible.
The easiest way to see the desired configuration file content, is to create
a database dump with the "System configuration" part (Console ->
Maintenance -> Backup & Restore) and search for the configuration of the
endpoint from the screenshot. I've made similar configuration for console
and here is the relevant json part for this endpoint:
{
"_updateTS" : 1691505258138,
"obj" : {
"name" : "Console",
"typeId" : "WebConsoleUI",
"contextAddress" : "/console",
"configuration" : {
"displayedName" : {
"Map" : {
"pl" : "Interfejs administracyjny Unity"
},
"DefaultValue" : "UNITY console administration interface"
},
"description" : "",
"authenticationOptions" : [ "pwdSys", "pwdComposite", "certFlow1",
"smsAndPass", "cert", "ldap", "ldapDN", "saml", "oauth", "fido" ],
"configuration" : "#\n#Tue Aug 08 16:34:18 CEST 2023\n
unity.endpoint.web.authnScreenShowSearch=false\nunity.endpoint.web.authnScreenColumn.1.columnContents=saml._entryFromMetadata_2bd7648301d749818fa038b51bf7f235+1.
pwdSys _SEPARATOR fido _SEPARATOR cert _SEPARATOR pwdComposite _SEPARATOR
_SEPARATOR ldap _SEPARATOR _REGISTER\nunity.endpoint.web.authnScreenTitle=title
of page\nunity.endpoint.web.authnScreenColumn.1.columnTitle.en=Local
authentication\nunity.endpoint.web.externalRegistrationURL=https\\://
www.wp.pl\nunity.endpoint.web.productionMode=false\n
unity.endpoint.web.authnScreenColumn.2.columnTitle.pl=Zdalne
logowanie\nunity.endpoint.web.authnScreenTitle.en=title
of page\nunity.endpoint.web.authnScreenOptionsLabel.1.text.en=separator\n
unity.endpoint.web.showRegistrationFormsInHeader=false\n
unity.endpoint.web.authnScreenShowAllOptions=false\nunity.endpoint.web.authnLastOptionOnlyLayout=_LAST_USED
_SEPARATOR_1 _EXPAND\nunity.endpoint.web.authnShowLastOptionOnly=false\n
unity.endpoint.web.authnGrid.1.gridContents=saml\n
unity.endpoint.web.authnScreenLogo=https\\://
m.media-amazon.com/images/I/91-Db4L6xjL.png\n
unity.endpoint.web.authnScreenOptionsLabel.1.text=separator\n
unity.endpoint.web.authnScreenColumn.1.columnTitle.pl=Lokalne metody\n
unity.endpoint.web.authnGrid.1.gridRows=50\n
unity.endpoint.web.compactCredentialReset=true\n
unity.endpoint.web.authnScreenColumn.2.columnWidth=21\n
unity.endpoint.web.authnScreenColumn.1.columnWidth=21\n
unity.endpoint.web.enableRegistration=false\n
unity.endpoint.web.authnTheme=unityThemeValo\nunity.endpoint.web.authnScreenColumn.2.columnContents=_GRID_1
oauth\nunity.endpoint.web.authnScreenColumn.2.columnTitle=\\
\nunity.endpoint.web.authnScreenColumn.1.columnTitle=Local
authentication\nunity.endpoint.web.mainTheme=unityThemeValo\n
unity.endpoint.web.authnScreenShowCancel=false\n
unity.endpoint.web.template=default.ftl\nunity.endpoint.web.autoLogin=false
\n",
"realm" : "admin",
"tag" : "yFWk6n2n7mcMeks+eH/YkqEg/WaqCg25HaLHE6/Xs84="
},
"revision" : 20,
"status" : "DEPLOYED"
}
}
When you refactor the "configuration.configuration" json part, meaning
replace "\n" to a new line we will get the information about columnContents
to put into your file:
unity.endpoint.web.authnScreenColumn.1.columnContents=saml._entryFromMetadata_2bd7648301d749818fa038b51bf7f235+1.
pwdSys _SEPARATOR fido _SEPARATOR cert _SEPARATOR pwdComposite _SEPARATOR
_SEPARATOR ldap _SEPARATOR _REGISTER
Please let me know if that answers your question.
Cheers,
Roman
pon., 31 lip 2023 o 14:35 Sander Apweiler <sa....@fz...>
napisał(a):
> Hi Krzysztof, hi Roman,
> using the UI, I can configure the Authentitcation for the endpoints
> having singleAuthN with IdPs from federation metadata. I attached a
> screenshot with a test. Can I somehow do this with via configuration
> files as well?
>
> Best regards,
> Sander
>
> --
> Federated Systems and Data
> Juelich Supercomputing Centre
>
> phone: +49 2461 61 8847
> fax: +49 2461 61 6656
> email: sa....@fz...
>
> -----------------------------------------------------------------------
> -----------------------------------------------------------------------
> Forschungszentrum Juelich GmbH
> 52425 Juelich
> Sitz der Gesellschaft: Juelich
> Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498
> Vorsitzender des Aufsichtsrats: MinDir Stefan Müller
> Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender),
> Karsten Beneke (stellv. Vorsitzender), Dr. Ir. Pieter Jansens,
> Prof. Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior
> -----------------------------------------------------------------------
> -----------------------------------------------------------------------
>
>
>
>
>
> _______________________________________________
> Unity-idm-discuss mailing list
> Uni...@li...
> https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss
>
|
