gluufederation / docs-ce-prod Goto Github PK
View Code? Open in Web Editor NEWThis content has been moved to
Home Page: https://github.com/GluuFederation/docs-gluu-server-prod
License: Other
This content has been moved to
Home Page: https://github.com/GluuFederation/docs-gluu-server-prod
License: Other
Hi. On this section of documentation explains how to add a new non supported languages. But on the oxTrust UI
we can add non supported language only oxAtuh
configuration tab. For oxTrust
there is no any option to adding a new non supported language.
willow9886 commented on Dec 5 2016 • edited willow9886 edited this issue 5 months ago
We have new logging software for CE Clusters: https://github.com/GluuFederation/message-consumer
We need to update our docs to reflect the new loggin mechanism.
@willow9886 willow9886 assigned zamilskhan and jschristie on Dec 5 2016
@willow9886 willow9886 added this to the CE 3.0 milestone on Dec 5 2016
Re-creating from old repo, since old repos are removed***
https://gluu.org/docs/supergluu/3.0.0/developer-guide/
If you scan QR-code at first time and your device UDID doesn't attached to your user then app will do enroll, first need prepare data properties:
Durring registerring app generates an unique keyHandle, keyPair (public/private keys) to sign all data and uses ECC algoritm to encode and data.
Now we need make all information in one byte array. Also need to set one aditional parameter which determines if we decided approve or deny our request:
String resultJsonResponse contains result JSON. From result JSON we can extract some additionl information. Also we can check if enroll/authentication was success or not using this filed - u2fOperationResult.getStatus().
mzico commented on Mar 22 2016
Tree view and documentations of LDAP structure in Gluu CE
@mzico mzico self-assigned this on Mar 22 2016
Re-creating from old repo, since old repos are removed***
In the update documentation (https://gluu.org/docs/ce/2.4.4/upgrade/updating/) it should be mentioned that you need to enablethe gluu repos.
On the installation page one of the last steps is to disable the repos (https://gluu.org/docs/ce/installation-guide/install/#5-disable-gluu-repositories)..
We should install this extension in order to improve how lists are picked up from Github to Mkdocs.
mzico commented on Mar 3
Need some detail documentation on asimba.xml.
i.e.
3600
60
100
What does this expire, interval and max means?
@mzico mzico self-assigned this on Mar 3
Re-creating from old repo, since old repos are removed***
nynymike commented on Jan 26
We get a lot of questions about CORS support. It's supported, but unclearly documented.
GluuFederation/oxAuth#458 (comment)
nynymike added the enhancement label on Jan 26
Re-creating from old repo, since old repos are removed***
I tried to install gluu 3.1.2 on CentOS 7.3.1611. I had the following two issues:
Setting of FD limit gave an error (as stated by your documentation). Workaround:
ulimit -n 262144
Test of success with:
[root@ServerSsoAuth01 ~]# ulimit -Hn
262144
The "Azure" chapter mentions you need to set selinux to "permissive" mode. This was omitted for naked CentOs, which caused the following error on startup of the container:
/sbin/gluu-serverd-3.1.2 status
...
Mar 19 10:58:03 ServerSsoAuth01.mydomain.test systemd-nspawn[939]: [FAILED] Failed to start LSB: Bring up/down networking.
...
Of course, no connection to the gluu GUI was possible.
Changed the following line to permissive in
/etc/selinux/config
SELINUX=permissive
After a reboot, the gluu GUI was now accessible via https 443
I would suggest to append these two points to the "Preparation before installation" section for CentOS.
https://gluu.org/docs/ce/3.0.2/img/developer/oxtrust/deployinjetty.png
https://gluu.org/docs/ce/3.0.2/img/developer/oxtrust/vmarguments.png
https://gluu.org/docs/ce/3.0.2/img/developer/oxtrust/jettyverchng.png
https://gluu.org/docs/ce/3.0.2/img/developer/oxtrust/configurationlistener.png
These are being compressed for size and lossy, sampling compression. The combination prevents it from being legible.
On this page: https://gluu.org/docs/ce/3.0.2/developer-guide/oxtrust-eclipse/
Some images are too small to be legible.
https://gluu.org/docs/ce/3.0.2/img/developer/oxtrust/deployinjetty.png
https://gluu.org/docs/ce/3.0.2/img/developer/oxtrust/vmarguments.png
https://gluu.org/docs/ce/3.0.2/img/developer/oxtrust/jettyverchng.png
https://gluu.org/docs/ce/3.0.2/img/developer/oxtrust/configurationlistener.png
Please check docs for 3.1.1 as well.
Following pages have Broken links in Gluu Server 3.1.2 document
Interception Scripts
https://www.gluu.org/docs/ce/3.1.2/admin-guide/user-management/#ldap-synchronization
https://www.gluu.org/docs/ce/3.1.2/authn-guide/intro.md/
Introduction(User Authentication)
https://gluu.org/docs/ce/3.1.2/admin-guide/openid-connect.md/#authentication
Duo Security
https://www.gluu.org/docs/ce/3.1.2/authn-guide/DuoExternalAuthenticator.py
Custom Script Tutorial
https://www.gluu.org/docs/reference/interception-scripts/#authentication
https://www.gluu.org/docs/ce/3.1.2/operation/faq.md/#revert-an-authentication-method
Open ID Connect Provider
https://www.gluu.org/docs/ce/3.1.2/ce/authn-guide/passport.md/
https://www.gluu.org/docs/ce/3.1.2/ce/authn-guide/basic.md/
https://www.gluu.org/docs/ce/3.1.2/authn-guide/intro.md/#configuring-account-lockout
OXD Oauth 2.0
https://gluu.org/docs/oxd/protocol/
Apache mod_auth_openidc
https://www.gluu.org/docs/ce/3.1.2/integration/integration/OpenIdConnectDiscoveryAction.java
Google Apps
https://www.gluu.org/docs/ce/3.1.2/integration/saas/admin.google.com
SalesForce
https://www.gluu.org/docs/admin-guide/configuration/#attributes
Upgrades
https://www.gluu.org/docs/ce/3.1.2/upgrade/manual-update.md
FAQ
https://www.gluu.org/docs/ce/3.1.2/operation/upgrade/update-war.md
Localization
https://github.com/GluuFederation/oxAuth/blob/master/Server/src/main/resources/messages_de.properties
https://github.com/GluuFederation/oxAuth/blob/master/Server/src/main/resources/messages_en.properties
https://github.com/GluuFederation/oxAuth/blob/master/Server/src/main/resources/messages_bg.properties
https://github.com/GluuFederation/oxAuth/blob/master/Server/src/main/resources/messages_es.properties
https://github.com/GluuFederation/oxAuth/blob/master/Server/src/main/resources/messages_it.properties
https://github.com/GluuFederation/oxAuth/blob/master/Server/src/main/resources/messages_fr.properties
https://github.com/GluuFederation/oxAuth/blob/master/Server/src/main/resources/messages_ru.properties
https://github.com/GluuFederation/oxAuth/blob/master/Server/src/main/resources/messages_tr.properties
Tomcat is still being mentioned here:
https://gluu.org/docs/ce/authn-guide/customauthn/
https://gluu.org/docs/ce/integration/saml-sp/
https://gluu.org/docs/ce/operation/faq/
https://gluu.org/docs/ce/installation-guide/setup_py/
almost sure it should be changed to "Jetty"
The following are some minor corrections for docs-ce-prod
https://gluu.org/docs/ce/operation/backup/#tarball-method
Typos in tarball method: a. #, b. # (the letter and then the period are unnecesary...)
https://gluu.org/docs/ce/reference/oxldap/
Two words apparently swapped: It says "component's container". Isn't it "container's components"?.
Also there, should there be a period after "Setup Script Options"?.
In the row "certsDir" of the table, it says "Path of the certificates stored". Personally I don't understand the idea conveyed well.
https://gluu.org/docs/ce/api-guide/api/
A typo in "Please se the following"
https://gluu.org/docs/ce/api-guide/scim-api/
In SCIM2.0 section, there are many tables whose description & example columns are empty. It would look nicer if they could remain hidden as information is completed - This is merely an opinion.
Also look the table corresponding to Type: it has no rows at all.
https://gluu.org/docs/ce/api-guide/uma-api/
A typo perhaps in: "manipulate the protect resources", does it mean "protected"?
Currently I have tried to install Gluu in my private server, but I followed the installation guide, all are done by scripts, there are some
If possible to provide step-by-step guide of installation in a hard way? especially, I would like ignore the SSL/HTTPS and ngnix config in the development stage.
create documentation for cache provider switching (in-memory, redis, memcached)
I was trying to figure out what Logout Session Required
means in the OpenID Connect client form, and I couldn't find it anywhere in the docs. There is no tooltips for this field in oxTrust either. It might be useful to synchronize these.
It would be worthwhile to navigate oxTrust, and for each form, create a corresponding docs page in the reference section that details the purpose of each field of the form.
nynymike commented on Mar 13
I think OpenID Connect client registration needs it's own documentation page. Customers are getting it wrong a lot.
Many of the parameters correspond directly to OpenID Connect client metatdata
There are a few configuration in the form that are specific to Gluu, like "Pre-Authorization."
Also, it may be worthwhile to have a section for "common config patterns" for
1.implicit clients ( response_type token id_token )
2.web clients ( response_type code )
3.mobile clients ( response_type code )
Also, helpful hints:
1.Use asymmetric crypto and no encryption when you pass the id_token to backend API's.
2.Use public identifiers (not pairwise) for trusted internal clients.
But we should review the support forums and find other common client config mistakes (especially specifying wrong response_types).
@nynymike nynymike added the enhancement label on Mar 13
@jschristie jschristie was assigned by nynymike on Mar 13
Add your reaction
Edit comment
Delete comment
Owner This user is the owner of the docs-3.0.1 repository.
willow9886 commented on Apr 4
@jschristie let's prioritize this... it's important that our openid connect functionality is properly documented.
Re-creating from old repo, since old repos are removed*********
Fix the wording here. Also the instructions don't seem to be correct. I had to right click on oxtrust-server
and then Maven > Update Project
then put a check beside oxtrust > oxtrust-server
and I'm still not even sure if that's correct. I can't find "oxtrust
> server project
".
This is what it currently says. It has spelling mistakes and grammatical errors.
In order for jetty to correcty serve those styles close the oxtrust-static
project in eclipse and by updating the project under Maven
> Update Project
on oxtrust
> server project
. **
Configuration > JSON configuration > 'Cache Provider Configuration'
3.1.3
nynymike commented on Jun 29 2015
Is this a problem in the Swagger --> Markdown generation? I don't see the response and error codes.
https://cloud.githubusercontent.com/assets/3717101/8410259/a3e0c30c-1e42-11e5-8408-699853dc6123.png
@nynymike nynymike changed the title from Missing Response and Error Codes to Missing Response JSON(Response) on Jun 29 2015
@nynymike nynymike changed the title from Missing Response JSON(Response) to Missing JSON(Response) on Jun 29 2015
@qbert2k qbert2k was assigned by nynymike on Jun 29 2015
Add your reaction
Edit comment
Delete comment
Owner This user is the owner of the docs-2.4.4-old repository.
yuriyz commented on Jun 29 2015
those codes are hidden deeply in our code. Swagger have no idea about it. We should link it, so swagger can pick it up or otherwise write down it directly in annotation (which is bad because it will duplicate what is already in code anyway).
@yuriyz yuriyz assigned yuriyz and unassigned qbert2k on Jul 15 2015
@yuriyz yuriyz added a commit that referenced this issue on Jul 15 2015
@yuriyz docs #21 : added error codes to oic-authorization e998e07
@yuriyz yuriyz referenced this issue in GluuFederation/oxAuth on Jul 15 2015
@yuriyz Authorize WS : added error codes for swagger docs https://github.com/… …
151f49f
@yuriyz yuriyz referenced this issue in GluuFederation/oxAuth on Jul 15 2015
@yuriyz Token WS : added error codes for swagger docs https://github.com/Gluu… …
a6956c3
@yuriyz yuriyz referenced this issue in GluuFederation/oxAuth on Jul 15 2015
@yuriyz Token WS : added error codes for swagger docs https://github.com/Gluu… …
cdedf99
@yuriyz yuriyz added a commit that referenced this issue on Jul 15 2015
@yuriyz docs #21 : added error codes to oic-token f1aec75
Add your reaction
Edit comment
Delete comment
Owner This user is the owner of the docs-2.4.4-old repository.
yuriyz commented on Jul 15 2015
@nynymike I've checked swagger implementation and according to their implementation it not possible to inline error codes from code. We have to inline it in swagger annotations directly.
https://github.com/swagger-api/swagger-core/wiki/Annotations
I will do following:
1.put error code directly in swagger annotations in oxauth code
2.regenerate markdown
3.update it in docs
@yuriyz yuriyz referenced this issue in GluuFederation/oxAuth on Jul 15 2015
@yuriyz User Info WS : added error codes for swagger docs https://github.com/… …
593a7d3
@yuriyz yuriyz referenced this issue in GluuFederation/oxAuth on Jul 15 2015
@yuriyz Register Client WS : added error codes for swagger docs https://githu… …
8e5d529
@yuriyz yuriyz added a commit that referenced this issue on Jul 15 2015
@yuriyz User Info docs #21 - updated error codes bef3f32
@yuriyz yuriyz added a commit that referenced this issue on Jul 15 2015
@yuriyz Register Client docs #21 - updated error codes 6146519
@yuriyz yuriyz referenced this issue in GluuFederation/oxAuth on Jul 16 2015
@yuriyz End session WS : added error codes for swagger docs https://github.co… …
e6298b9
@yuriyz yuriyz added a commit that referenced this issue on Jul 16 2015
@yuriyz End Session WS docs #21 - updated error codes a918857
@yuriyz yuriyz referenced this issue in GluuFederation/oxAuth on Jul 23 2015
@yuriyz @yurem Authorize WS : added error codes for swagger docs https://github.com/… …
ce1a4cd
@yuriyz yuriyz referenced this issue in GluuFederation/oxAuth on Jul 23 2015
@yuriyz @yurem Token WS : added error codes for swagger docs https://github.com/Gluu… …
78400ce
@yuriyz yuriyz referenced this issue in GluuFederation/oxAuth on Jul 23 2015
@yuriyz @yurem Token WS : added error codes for swagger docs https://github.com/Gluu… …
495a605
@yuriyz yuriyz referenced this issue in GluuFederation/oxAuth on Jul 23 2015
@yuriyz @yurem User Info WS : added error codes for swagger docs https://github.com/… …
890fa44
@yuriyz yuriyz referenced this issue in GluuFederation/oxAuth on Jul 23 2015
@yuriyz @yurem Register Client WS : added error codes for swagger docs https://githu… …
84cfc5d
@yuriyz yuriyz referenced this issue in GluuFederation/oxAuth on Jul 23 2015
@yuriyz @yurem End session WS : added error codes for swagger docs https://github.co… …
Re-creating from old repo, since old repos are removed***
gluu.jpg is an image of a complex shape. It should not be sample compressed.
This wiki link should be move to production.
The current production version should be replace as it is not up to date.
/opt/gluu-server-3.0.2/install/community-edition-setup# ./setup.py
File "./setup.py", line 108
self.jreDestinationPath = '/opt/jdk1.8.0_%s' % self.jre_version
^
TabError: inconsistent use of tabs and spaces in indentation
Ubuntu 16.04 AWS
It was:
authnRequestBinding
- If set to "HTTP-POST", then authentication request sent to entryPoint
will use POST HTTP method (SAML's HTTP POST binding), otherwise defaults to HTTP method (HTTP Redirect binding)I changed it to:
authnRequestBinding
- "HTTP-POST" for Post binding or "HTTP" for redirect binding.I'm not sure if that is correct. And what does "default" mean? Does it mean if the value is left blank? Does it mean the authnRequestBinding
is omitted entirely?
In Gluu Doc version 3.0.1 and 3.0.2, under Administration Guide -> Interception Scripts, the hyperlink for "Sample Client Registration Script" (https://gluu.org/docs/ce/3.0.1/admin-guide/sample-client-registration-script) is not available. Currently clicking on that link redirects back to Gluu's homepage.
mzico commented on Apr 6 2016
See if we can SSO Gitlab with Gluu Server. If possible, then we need to prepare a doc and publish.
Gitlab doc: http://doc.gitlab.com/ee/integration/saml.html
@aveekbu aveekbu was assigned by mzico on Apr 6 2016
@mzico mzico added the enhancement label on Apr 6 2016
@mzico mzico changed the title from [not urgent] gitlab SAML integration with Gluu Server to gitlab SAML integration with Gluu Server on Apr 6 2016
aveekbu commented on Apr 6 2016
I've installed gitlabCE. but later I've found that SAML2.0 authentication with IdP needs gitlabEE Enterprise Edition to be installed along with secure https. But I've got 404 error when trying to reach (http://doc.gitlab.com/ee/install/installation.md#using-https) the docs.
I'll keep an eye on them and trying to figure how to install an EE version instead of a CE version.
@aveekbu Try this. This link is for GitLab CE SAML integration
zamilskhan commented on Aug 5 2016
Any update on this one?
Add your reaction
Edit comment
Delete comment
Nemykal commented on Aug 15 2016
+1 this would be good to have. Gitlab supports some other integrations for auth besides SAML too https://gitlab.com/help/integration/omniauth.md#initial-omniauth-configuration
zamilskhan commented on Aug 16 2016
This is a work in progress. We hope to get this done soon.
Add your reaction
Edit comment
Delete comment
bashou commented on Nov 25 2016
Maybe some updates ? (Thanks !)
@mzico mzico self-assigned this on Nov 25 2016
Re-creating from old repo, since old repos are removed***
In this page: https://github.com/GluuFederation/docs-ce-prod/tree/3.1.2/3.1.2/source/authn-guide/inbound-saml-passport.md
If only one external SAML IDP needs to be supported ... consider following the SAML interception script instructions.
Checking the instructions and .py, this is clearly a script for use with asimba
But in the note just below it, the message conveyed is like Asimba should not be used more
...sounds like contradiction
oxAuth supports Passing Request Parameters as JWTs, signed and encrypted, by value or by request URI.
The documentation should be added to:
https://gluu.org/docs/ce/3.0.1/api-guide/openid-connect-api/
Please check: http://openid.net/specs/openid-connect-core-1_0.html#JWTRequests
'csync2' installation and configuration is blank in: https://gluu.org/docs/ce/3.1.2/installation-guide/cluster/#2-enable-replication .. just one line... Next we should install csync2 for file system replication.
We should elaborate it.
Take a look here: https://www.gluu.org/resources/documents/standards/uma/
The link associated to "read our UMA documentation" is pointing to kantara. It should be pointing to gluu. The very same link (kantara) is already used two paragraphs above.
Hi. In this link explains Resource
object. Problem is Resource
object has not description
field. It must be display_name
. I am using gluu server 3.1.0. When I set description
system through error
attribute 'description' not allowed
But if I set display_name
everything is ok
With an upgrade from 3.1.1 to 3.1.2 fresh in my head, I wanted to provide some comments for the document.
Branch 3.1.2
docs-ce-prod
File: 3.1.2/source/upgrade/index.md
line 68:
$WAR_URL - is this needed here? If so, perhaps some more inline documentation about it?
line 90:
service solserver stop (was: Service)
line 98:
# wget ... (add a space after prompt for consistency)
Should we 'chown ldap:ldap gluu.schema'?
line 105:
If we are not being guided to replace 'custom.schema', is this sort of general warning?
If keeping this, consider saying '... changes done to custom.schema
' (dropping 'and').
line 109:
So if upgrading from 3.1.1 to 3.1.2, are we essentially done here? It's not explicit whether we are done, or if we need to upgrade more.
In the document https_gluu.conf location mentioned as /etc/httpd/conf.d/
However no such location available. I found below 2 locations for https_gluu.conf . Please fix the document with correct path.
./etc/apache2/sites-available/https_gluu.conf
./etc/apache2/sites-enabled/https_gluu.conf
I'm using Gluu server as SAML IDP.
As you know, SAML in Gluu server doesn't support Single Logout so I'm using frontchannel logout feature of OpenID Connect.
When I use 'https:///idp/logout.jsp' to logout, it works well. It make me logout from both Gluu server and federated 3rd-party.
But when I try to logout with 'https:///identity/logout' which is in Gluu server itself for logout, it doesn't work with federated site, only with Gluu server itself.
It is normal behavior because of I'm using SAML not OpenID Connect, please consider that make it works with SAML too.
This is our first step of combining two custom authN script. I think we can put it there in our public doc for users to see how such scenario works and how it's possible to 'combine' two scripts together.
In this situation we combined CAS2 script + Duo script and generated a combined script which allowing users to:
Here is the doc: https://github.com/GluuFederation/oxAuth/tree/master/Server/integrations/cas2_duo
Problem:
RP server installation started with Deb package ( so.. that's Ubuntu/Debian ): https://github.com/GluuFederation/docs-ce-prod/blob/3.1.2/3.1.2/source/integration/sswebapps/openidc-rp.md#apache-web-server
mod_auth_openIDC installation is for rpm ( so.. that's CentOS/RHEL ): https://github.com/GluuFederation/docs-ce-prod/blob/3.1.2/3.1.2/source/integration/sswebapps/openidc-rp.md#installation-1
Doc link: https://gluu.org/docs/ce/3.1.3/operation/backup/#ldif-data-backup
Issues:
Right now we have a hotchpotch doc on mod_auth_openidc ( https://gluu.org/docs/ce/3.1.3/integration/sswebapps/openidc-rp/ ).
Problems:
I think we should just publish one doc based on Ubuntu / CentOS instead of what we have right now.
Here is a cleaner version for Ubuntu 14.04 + mod_auth_openIDC + Gluu Server 3.1.3: https://github.com/GluuFederation/support-docs/blob/master/howto/mod_auth_openidc/ubuntu.md
Step-1 Followed the Gluu upgrade document till Install the latest version of the Gluu server section .
Step-2 Followed below command to Install Gluu CE 3.1.1
Add Gluu Repository - # echo "deb https://repo.gluu.org/ubuntu/ xenial main" > /etc/apt/sources.list.d/gluu-repo.list
Add Gluu GPG Key - # curl https://repo.gluu.org/ubuntu/gluu-apt.key | apt-key add -
Update/Clean Repo - # apt-get update
Install Gluu Server - # apt-get install gluu-server-3.1.1
During Installation I got this error
OS- Ubuntu Server 16.04.x
I don't see anywhere how to create a ticket.
@mzico said to create a ticket about #24 (comment)
Can someone please explain what that means?
I follow this docs to run oxTrust on eclipse https://gluu.org/docs/ce/3.1.3/developer-guide/oxtrust-eclipse/#import-projects
but these images is too blur and not clear for me to understand what need to be configured.
https://gluu.org/docs/ce/3.1.3/img/developer/oxtrust/deployinjetty.png
https://gluu.org/docs/ce/3.1.3/img/developer/oxtrust/deployinjetty.png
Can anyone please help to take better screenshot and update the documents ?
Thanks
nynymike commented on Jul 25 2015
We need an article under http://www.gluu.org/docs/articles/ on how to configure CAS. For example, add custom authentication script, add CAS login url. Also what about enrollment? For example, the person successfully authenticates in CAS, but is not present in the Gluu Server? Is that possible? Or does it require the users to be already present?
@mzico mzico self-assigned this on Jul 27 2015
Re-creating from old repo, since old repos are removed***
At https://gluu.org/docs/ce/developer-guide/oxtrust-eclipse/ it says "Download Silver Edition from: https://downloads.symas.com/SDLPWeb"
Maybe there is a way to take users more directly to download links
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.