Comments (4)
Just ran into this myself today. In README.md, when you see:
    service_providers = {
      "some-issuer-url.com/saml" => {
        fingerprint: "9E:65:2E:03:06:8D:80:F2:86:C7:6C:77:A1:D9:14:97:0A:4D:F4:4D",
        metadata_url: "http://some-issuer-url.com/saml/metadata"
      },
    }
You want to change that to:
    service_providers = {
      "some-issuer-url.com/saml" => {
        cert: OpenSSL::X509::Certificate.new(File.read(Rails.root.join('config', 'saml_sp.pem'))),
        fingerprint: "9E:65:2E:03:06:8D:80:F2:86:C7:6C:77:A1:D9:14:97:0A:4D:F4:4D",
        metadata_url: "http://some-issuer-url.com/saml/metadata"
      },
    }
.. replace that path with the path to the public cert for your Service Provider, as necessary. (If you really needed to, it should also be possible to obtain the cert dynamically via this sourcery, in which case I'd loop through the service_providers after setting the hash to merge in that key.)
Note you have to prepend:
    require 'openssl'
.. to the top of your initializer if you get the error that OpenSSL is not defined.
from saml_idp.
Er. Disregard what I just crossed out. That's a horrible idea, security-wise. I can't believe I just suggested it.
from saml_idp.
I'll just add in here that, if you're following the ruby-saml gem documentation (speaking specifically of the issuer setting), then the key for the service provider may need to specify the protocol. So, you may need http://some-issuer-url.com/saml, rather than just some-issuer-url.com/saml.
from saml_idp.
Cleaning up old issues. I'm assuming folks here figured out what they needed (or have moved on). If that's incorrect, reopen this and we'll continue the discussion.
from saml_idp.
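An added example (not from the thread or from saml_idp itself): one way to load the Service Provider cert from a local PEM, as in the first comment, while refusing it when it does not match the fingerprint already pinned in the entry. The helper names are hypothetical, the certificate is generated in-process as constructed sample data, and the fingerprint is assumed to be the SHA-1 digest of the cert's DER encoding (the README value is 20 bytes long). The entry key carries the protocol, which the third comment says may be needed.

```ruby
require 'openssl'

# Colon-separated, upper-case SHA-1 digest of the certificate's DER encoding
# (assumed to be the format of the README's 20-byte `fingerprint` value).
def cert_fingerprint(cert)
  OpenSSL::Digest.new('SHA1').hexdigest(cert.to_der).upcase.scan(/../).join(':')
end

# Hypothetical helper: merge :cert into one service_providers entry, but only
# when the PEM matches the fingerprint already pinned in the config.
def with_pinned_cert(entry, pem)
  cert = OpenSSL::X509::Certificate.new(pem)
  actual = cert_fingerprint(cert)
  expected = entry.fetch(:fingerprint).upcase
  unless actual == expected
    raise ArgumentError, "SP cert fingerprint #{actual} does not match pinned #{expected}"
  end
  entry.merge(cert: cert)
end

# Constructed sample input: a throwaway self-signed cert standing in for the
# Service Provider's public cert (config/saml_sp.pem in the first comment).
def constructed_sp_cert_pem
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse('/CN=sp.example.test')
  cert.public_key = key.public_key
  cert.not_before = Time.now
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  cert.to_pem
end

pem = constructed_sp_cert_pem
pinned = cert_fingerprint(OpenSSL::X509::Certificate.new(pem))
service_providers = {
  "http://some-issuer-url.com/saml" => with_pinned_cert(
    { fingerprint: pinned, metadata_url: "http://some-issuer-url.com/saml/metadata" }, pem
  )
}
puts service_providers.keys.first, pinned
```

In a Rails initializer the PEM would come from `File.read` on the local cert file, so a swapped or stale file fails at boot instead of being trusted.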