SAML2 authentifier
Project description
SAML2 authentifier for cubicweb. This cube allow to authenticate from a SAML2 provider with cubicweb login form.
Installation
The first step is to install cubicweb-saml into your python environment:
pip install cubicweb-saml
To add this cube into your cubicweb instance:
cubicweb-ctl shell <your_app>
>>> add_cube('saml')
>>> exit
To generate SAML related option in all-in-one.conf:
cubicweb-ctl upgrade <your_app>
Configuration
To configure cubicweb-saml metadata, open sources.conf from cubicweb instances folder (by default $HOME/etc/cubicweb.d/<instance>):
[SAML] # SAML v2 metadata uri which can be read from a file (file://<absolute_path>) # or retrieved from a specific URL(http[s]://...) saml-metadata-uri= # The globally unique identifier of the entity. saml-entity-id=
To configure cubicweb-saml options, open all-in-one.conf in the same directory:
[SAML] # Don't verify that the incoming requests originate from us via the built-in # cache for authn request ids in pysaml2 saml-allow-unsolicited=yes # Indicates if the Authentication Requests sent by this SP should be signed by # default. saml-authn-requests-signed=no # Indicates if this entity will sign the Logout Requests originated from it. saml-logout-requests-signed=yes # Indicates if this SP wants the IdP to send the assertions signed. This sets # the WantAssertionsSigned attribute of the SPSSODescriptor node of the # metadata so the IdP will know this SP preference. saml-want-assertions-signed=yes # Indicates that Authentication Responses to this SP must be signed. If set to # True, the SP will not consume any SAML Responses that are not signed. saml-want-response-signed=no # Allow to register a new user # if this one does not exist in current database. saml-register-unknown-user=no # Set the default group to register new user # if the saml-register-unknown-user option was activated. saml-register-default-group=guests # Set the default password system to use if the saml-register-unknown-user # option was activated (available values: empty, random). saml-register-default-password=empty
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file cubicweb-saml-1.0.1.tar.gz.
File metadata
- Download URL: cubicweb-saml-1.0.1.tar.gz
- Upload date:
- Size: 12.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.0.0 CPython/3.12.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1e3369045898363085cc172f333b522437474ffefd0f886aa1b5319f7e11964f
|
|
| MD5 |
2746f74d1618a717f9bdb32f9ffb8b71
|
|
| BLAKE2b-256 |
a26acdf47315d48bace8cc94861855b6b123fdd74f59337bdf76005506b17b24
|
File details
Details for the file cubicweb_saml-1.0.1-py3-none-any.whl.
File metadata
- Download URL: cubicweb_saml-1.0.1-py3-none-any.whl
- Upload date:
- Size: 15.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.0.0 CPython/3.12.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d70e50fa1122d6cb47e3509954ccb6b32499abc3cfe42dc5e8ac488546f889eb
|
|
| MD5 |
a69816eb51bcc31739191feb63cc875d
|
|
| BLAKE2b-256 |
e7d58c15fc96d8b696f1232c3162207e8ef14611a68df8ec265c89d0dd66592c
|
