Merge pull request #116 from dv10den/master
Updated the doc on how to set up and run the basic IDP and SP examples
@@ -2,3 +2,25 @@
|
||||
|
||||
An extremly simple example of a SAML2 identity provider.
|
||||
========================================================
|
||||
|
||||
Setup:
|
||||
******
|
||||
|
||||
The folder [your path]/pysaml2/example/idp2 contains a file named idp_conf.py.example
|
||||
|
||||
Take the file named idp_conf.py.example and rename it idp_conf.py
|
||||
|
||||
Generate a metadata file based in the configuration file (idp_conf.py) by using the command::
|
||||
|
||||
make_metadata.py idp_conf.py > idp.xml
|
||||
|
||||
|
||||
Run IDP:
|
||||
********
|
||||
|
||||
Open a Terminal::
|
||||
|
||||
cd [your path]/pysaml2/example/idp2
|
||||
python idp.py idp_conf
|
||||
|
||||
Note that you should not have the .py extension on the idp_conf.py while running the program
|
||||
|
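Review bot: In the Setup section the make_metadata.py command has no preceding cd, unlike the Run IDP block, so a reader cannot tell which directory idp_conf.py is read from or where idp.xml is written. Add "cd [your path]/pysaml2/example/idp2" before it and say whether make_metadata.py is expected to be on the PATH. The sentence introducing the command should read "based on the configuration file", and the closing note about dropping the .py extension would be clearer if it gave the reason.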
@@ -1,11 +1,13 @@
|
||||
.. _example_index:
|
||||
|
||||
These are examples of the usage of pySAML2!
|
||||
===========================================
|
||||
Quick pysaml2 example
|
||||
=====================
|
||||
|
||||
:Release: |version|
|
||||
:Date: |today|
|
||||
|
||||
In order to confirm that pysaml2 has been installed correctly and are ready to use you could run this basic example
|
||||
|
||||
Contents:
|
||||
|
||||
.. toctree::
|
||||
|
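Review bot: The introductory sentence under the :Date: field reads "has been installed correctly and are ready to use"; the verb should be "is", and the sentence needs a closing period. The project name also appears as both "pySAML2" and "pysaml2" in the headings of this hunk, so pick one spelling and use it throughout the index page.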
@@ -4,7 +4,7 @@ An extremly simple example of a SAML2 service provider.
|
||||
=======================================================
|
||||
|
||||
How it works
|
||||
------------
|
||||
************
|
||||
|
||||
A SP works with authentication and possibly attribute aggregation.
|
||||
Both of these functions can be seen as parts of the normal Repoze.who
|
||||
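Review bot: The "How it works" underline appears here as both a dashed line and a row of asterisks, while headings further down such as "The application" keep a dashed underline. reStructuredText assigns section levels by the order in which adornment styles first appear, so build the page and confirm that the dashed sections now nest under the starred ones as intended. It would also help to use the same heading form as the IdP document, which writes "Setup:" with a colon where this file writes "Setup".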
@@ -26,35 +26,52 @@ from the IdP/AA. If there exists both a name and a friendly name, for
|
||||
instance, the friendly name is used as the key.
|
||||
|
||||
Setup
|
||||
-----
|
||||
*****
|
||||
|
||||
If you look in the example/sp directory of the distribution you will see
|
||||
the necessary files:
|
||||
**sp-wsgi:**
|
||||
|
||||
* Go to the folder:
|
||||
[your path]/pysaml2/example/sp-wsgi
|
||||
|
||||
* Take the file named sp_conf.py.example and rename it sp_conf.py
|
||||
|
||||
sp_conf.py is configured to run on localhost on port 8087. If you want to you could make the necessary changes before proceeding to the next step.
|
||||
|
||||
* In order to generate the metadata file open a terminal::
|
||||
|
||||
cd [your path]/pysaml2/example/sp-wsgi
|
||||
make_metadata.py sp_conf.py > sp.xml
|
||||
|
||||
|
||||
**sp-repoze:**
|
||||
|
||||
* Go to the folder:
|
||||
[your path]/pysaml2/example/sp-repoze
|
||||
|
||||
* Take the file named sp_conf.py.example and rename it sp_conf.py
|
||||
|
||||
sp_conf.py is configured to run on localhost on port 8087. If you want to you could make the necessary changes before proceeding to the next step.
|
||||
|
||||
* In order to generate the metadata file open a terminal::
|
||||
|
||||
cd [your path]/pysaml2/example/sp-repoze
|
||||
make_metadata.py sp_conf.py > sp.xml
|
||||
|
||||
Important files:
|
||||
|
||||
application.py
|
||||
which is the web application. In this case it will just print the
|
||||
information provided by the IdP in a table.
|
||||
|
||||
sp_conf.py
|
||||
The SPs configuration
|
||||
|
||||
who.ini
|
||||
The repoze.who configuration file
|
||||
|
||||
And then there are two files with certificates, mykey.pem with the private
|
||||
Inside the folder named pki there are two files with certificates, mykey.pem with the private
|
||||
certificate and mycert.pem with the public part.
|
||||
|
||||
I'll go through these step by step.
|
||||
|
||||
The application
|
||||
---------------
|
||||
|
||||
Build to use the wsgiref's simple_server, which is fine for testing but
|
||||
not for production.
|
||||
|
||||
|
||||
SP configuration
|
||||
----------------
|
||||
sp_conf.py
|
||||
----------
|
||||
|
||||
The configuration is written as described in :ref:`howto_config`. It means among other
|
||||
things that it's easily testable as to the correct syntax.
|
||||
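Review bot: In the pki sentence, mykey.pem is described as holding "the private certificate"; it should say private key, with mycert.pem as the certificate that carries the public key. Since the text says these files come with the example directory of the distribution, add a line telling readers to generate their own key pair before using the SP for anything other than local testing. The sp-wsgi and sp-repoze bullet lists are otherwise identical apart from the folder name, both stating port 8087, so consider one list with the folder as the variable. "Go to the folder:" should end in "::" so the path renders as a literal block, and "Important files:" should say which of the two examples uses who.ini.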
@@ -134,8 +151,9 @@ Change directory to where you have the configuration file and do ::
|
||||
|
||||
|
||||
|
||||
Repoze configuration
|
||||
--------------------
|
||||
who.ini
|
||||
-------
|
||||
The file named who.ini is the repoze.who configuration file
|
||||
|
||||
I'm not going through the INI file format here. You should read
|
||||
`Middleware Responsibilities <http://docs.repoze.org/who/2.0/middleware.html>`_
|
||||
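Review bot: The sentence under the who.ini heading, "The file named who.ini is the repoze.who configuration file", lacks a closing period and repeats the description already given in the "Important files" list. Keep the description in one place, and state here whether who.ini applies only to the sp-repoze example, since the setup section now describes two SP variants.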
@@ -175,6 +193,23 @@ After this, the plugin is referenced in a couple of places::
|
||||
|
||||
Which means that the plugin is used in all phases.
|
||||
|
||||
Run SP:
|
||||
*******
|
||||
|
||||
Open a Terminal::
|
||||
|
||||
cd [your path]/pysaml2/example/sp-wsgi
|
||||
python sp.py sp_conf
|
||||
|
||||
Note that you should not have the .py extension on the sp_conf.py while running the program
|
||||
|
||||
Now you should be able to open a web browser go to to service provider (if you didn't change sp_conf.py it should be: http://localhost:8087)
|
||||
|
||||
You should be redirected to the IDP and presented with a login screen.
|
||||
|
||||
You could enter Username:roland and Password:dianakra
|
||||
All users are specified in idp.py in a dictionary named PASSWD
|
||||
|
||||
The application
|
||||
---------------
|
||||
|
||||
|
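Review bot: The line "You could enter Username:roland and Password:dianakra" documents credentials that, per the next line, are hard-coded in the PASSWD dictionary in idp.py; say explicitly that these are test accounts for the local example and must be replaced before the IdP is reachable by anyone else. The Run SP steps also never say that the IdP has to be started first for the redirect to work, and they cover only sp-wsgi although Setup describes sp-repoze as well. Small fixes: "open a web browser go to to service provider" should read "open a web browser and go to the service provider", and each sentence needs a closing period.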