SAML2身份验证器
项目描述
cubicweb的SAML2身份验证器。此立方体允许从SAML2提供者通过cubicweb登录表单进行身份验证。
安装
第一步是将cubicweb-saml安装到您的Python环境中
pip install cubicweb-saml
要将此立方体添加到您的cubicweb实例中
cubicweb-ctl shell <your_app>
>>> add_cube('saml')
>>> exit
要在all-in-one.conf中生成与SAML相关的选项
cubicweb-ctl upgrade <your_app>
配置
要配置cubicweb-saml元数据,请从cubicweb实例文件夹中的sources.conf(默认为$HOME/etc/cubicweb.d/<instance>)打开
[SAML] # SAML v2 metadata uri which can be read from a file (file://<absolute_path>) # or retrieved from a specific URL(http[s]://...) saml-metadata-uri= # The globally unique identifier of the entity. saml-entity-id=
要配置cubicweb-saml选项,请在同一目录中打开all-in-one.conf
[SAML] # Don't verify that the incoming requests originate from us via the built-in # cache for authn request ids in pysaml2 saml-allow-unsolicited=yes # Indicates if the Authentication Requests sent by this SP should be signed by # default. saml-authn-requests-signed=no # Indicates if this entity will sign the Logout Requests originated from it. saml-logout-requests-signed=yes # Indicates if this SP wants the IdP to send the assertions signed. This sets # the WantAssertionsSigned attribute of the SPSSODescriptor node of the # metadata so the IdP will know this SP preference. saml-want-assertions-signed=yes # Indicates that Authentication Responses to this SP must be signed. If set to # True, the SP will not consume any SAML Responses that are not signed. saml-want-response-signed=no # Allow to register a new user # if this one does not exist in current database. saml-register-unknown-user=no # Set the default group to register new user # if the saml-register-unknown-user option was activated. saml-register-default-group=guests # Set the default password system to use if the saml-register-unknown-user # option was activated (available values: empty, random). saml-register-default-password=empty
下载文件
下载适用于您的平台的文件。如果您不确定选择哪个,请了解更多关于安装包的信息。
源分发
cubicweb-saml-1.0.1.tar.gz (12.9 kB 查看哈希值)
构建分发
cubicweb_saml-1.0.1-py3-none-any.whl (15.3 kB 查看哈希值)
