cubicweb-saml

SAML2 authentifier

These details have not been verified by PyPI

Project links

Homepage

Project description

SAML2 authentifier for cubicweb. This cube allow to authenticate from a SAML2 provider with cubicweb login form.

Installation

The first step is to install cubicweb-saml into your python environment:

pip install cubicweb-saml

To add this cube into your cubicweb instance:

cubicweb-ctl shell <your_app>
>>> add_cube('saml')
>>> exit

To generate SAML related option in all-in-one.conf:

cubicweb-ctl upgrade <your_app>

Configuration

To configure cubicweb-saml metadata, open sources.conf from cubicweb instances folder (by default $HOME/etc/cubicweb.d/<instance>):

[SAML]

# SAML v2 metadata uri which can be read from a file (file://<absolute_path>)
# or retrieved from a specific URL(http[s]://...)
saml-metadata-uri=

# The globally unique identifier of the entity.
saml-entity-id=

To configure cubicweb-saml options, open all-in-one.conf in the same directory:

[SAML]

# Don't verify that the incoming requests originate from us via the built-in
# cache for authn request ids in pysaml2
saml-allow-unsolicited=yes

# Indicates if the Authentication Requests sent by this SP should be signed by
# default.
saml-authn-requests-signed=no

# Indicates if this entity will sign the Logout Requests originated from it.
saml-logout-requests-signed=yes

# Indicates if this SP wants the IdP to send the assertions signed. This sets
# the WantAssertionsSigned attribute of the SPSSODescriptor node of the
# metadata so the IdP will know this SP preference.
saml-want-assertions-signed=yes

# Indicates that Authentication Responses to this SP must be signed. If set to
# True, the SP will not consume any SAML Responses that are not signed.
saml-want-response-signed=no

# Allow to register a new user
# if this one does not exist in current database.
saml-register-unknown-user=no

# Set the default group to register new user
# if the saml-register-unknown-user option was activated.
saml-register-default-group=guests

# Set the default password system to use if the saml-register-unknown-user
# option was activated (available values: empty, random).
saml-register-default-password=empty

Project details

These details have not been verified by PyPI

Project links

Homepage

Release history Release notifications | RSS feed

1.0.1

Apr 3, 2024

1.0.0

Oct 3, 2023

0.8.2

Apr 3, 2024

This version

0.8.0

Nov 24, 2022

0.7.1

Sep 23, 2022

0.7.0

Apr 8, 2022

0.6.0

Apr 5, 2022

0.5.1

Sep 28, 2021

0.5.0

Sep 23, 2021

0.4.0

Sep 16, 2021

0.3.1

Feb 6, 2020

0.3.0

Jan 29, 2020

0.2.3

Oct 25, 2019

0.2.2

Oct 24, 2019

0.2.1

Oct 22, 2019

0.2.0

Oct 17, 2019

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cubicweb-saml-0.8.0.tar.gz (12.6 kB view hashes)

Uploaded Nov 24, 2022 Source

Built Distribution

cubicweb_saml-0.8.0-py3-none-any.whl (15.2 kB view hashes)

Uploaded Nov 24, 2022 Python 3

Hashes for cubicweb-saml-0.8.0.tar.gz

Hashes for cubicweb-saml-0.8.0.tar.gz
Algorithm	Hash digest
SHA256	`15bb18339e442d3b99f2d0c3c918460614fdfc6970891c4dfaa6ea755e7f5ba1`
MD5	`47a942982b5908a98bd4e78cbcfb88ec`
BLAKE2b-256	`2f0c0e0bb86eb87823762a2b84436fa2017bae0275b608bbf4990a4c660dc3d7`

Hashes for cubicweb_saml-0.8.0-py3-none-any.whl

Hashes for cubicweb_saml-0.8.0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`843bacb5a2f99a4b280d18f154995c69334da3b6c54d705e642c4d75244b392c`
MD5	`7efb807ca9ac494f3088c6ea4d117e48`
BLAKE2b-256	`50bfa638ff6ed8359e23b43cd9680844f85e95936b4ec004d3d1bd32f6bf0c57`