Skip to content

WIP: Add SAML identity provider using SimpleSAML

James Edwards-Jones requested to merge jej/saml into master

What

Uses the jamedjo/test-saml-idp image to provide a SAML SSO service

  • Generates a certificate, private key, and fingerprint
  • Allows service configuration in saml-services.php to support both instance wide SAML and GroupSAML for multiple groups
  • Allows users to be configured in saml-auth-sources.php

Closes #17

Todo

  • Avoid needing to chmod 704 on the private key
  • Find where the best directory for these files is
  • Have certificate/fingerprint generation happen as part of Makefile
  • Document this in the proper places instead of temporary README

Demo

While demoing gitlab!18362 (merged) for review I made use of this and modified the services and auth sources to show functionality:

https://www.youtube.com/watch?v=kd7mrxYvcu8

Demo Video

Edited by 🤖 GitLab Bot 🤖

Merge request reports