Merge pull request #116 from dv10den/master

Updated the doc on how to set up and run the basic IDP and SP examples
Roland Hedberg
2014-05-13 10:16:44 +02:00
4 changed files with 81 additions and 22 deletions


@@ -2,3 +2,25 @@
An extremly simple example of a SAML2 identity provider. An extremly simple example of a SAML2 identity provider.
======================================================== ========================================================
Setup:
******
The folder [your path]/pysaml2/example/idp2 contains a file named idp_conf.py.example
Take the file named idp_conf.py.example and rename it idp_conf.py
Generate a metadata file based in the configuration file (idp_conf.py) by using the command::
make_metadata.py idp_conf.py > idp.xml
Run IDP:
********
Open a Terminal::
cd [your path]/pysaml2/example/idp2
python idp.py idp_conf
Note that you should not have the .py extension on the idp_conf.py while running the program
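
Review bot: The make_metadata.py step in the added Setup text does not say which directory to run it from, while the Run IDP step gives the cd to [your path]/pysaml2/example/idp2. Put the same cd in front of "make_metadata.py idp_conf.py > idp.xml" so idp.xml is written beside the configuration it was generated from. In the same block, "based in the configuration file" should read "based on", and asking readers to copy idp_conf.py.example to idp_conf.py instead of renaming it keeps the shipped template in place. The title line kept as context still has "extremly"; since this change touches the file, fix it to "extremely".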


@@ -1,11 +1,13 @@
.. _example_index: .. _example_index:
These are examples of the usage of pySAML2! Quick pysaml2 example
=========================================== =====================
:Release: |version| :Release: |version|
:Date: |today| :Date: |today|
In order to confirm that pysaml2 has been installed correctly and are ready to use you could run this basic example
Contents: Contents:
.. toctree:: .. toctree::
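
Review bot: The sentence added under the new title has a subject-verb mismatch and no full stop: "has been installed correctly and are ready to use you could run this basic example" should read along the lines of "To confirm that pysaml2 is installed correctly and ready to use, run this basic example." It would also help to say which example is meant, since the page only goes on to a toctree.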


@@ -4,7 +4,7 @@ An extremly simple example of a SAML2 service provider.
======================================================= =======================================================
How it works How it works
------------ ************
A SP works with authentication and possibly attribute aggregation. A SP works with authentication and possibly attribute aggregation.
Both of these functions can be seen as parts of the normal Repoze.who Both of these functions can be seen as parts of the normal Repoze.who
@@ -26,35 +26,52 @@ from the IdP/AA. If there exists both a name and a friendly name, for
instance, the friendly name is used as the key. instance, the friendly name is used as the key.
Setup Setup
----- *****
If you look in the example/sp directory of the distribution you will see **sp-wsgi:**
the necessary files:
* Go to the folder:
[your path]/pysaml2/example/sp-wsgi
* Take the file named sp_conf.py.example and rename it sp_conf.py
sp_conf.py is configured to run on localhost on port 8087. If you want to you could make the necessary changes before proceeding to the next step.
* In order to generate the metadata file open a terminal::
cd [your path]/pysaml2/example/sp-wsgi
make_metadata.py sp_conf.py > sp.xml
**sp-repoze:**
* Go to the folder:
[your path]/pysaml2/example/sp-repoze
* Take the file named sp_conf.py.example and rename it sp_conf.py
sp_conf.py is configured to run on localhost on port 8087. If you want to you could make the necessary changes before proceeding to the next step.
* In order to generate the metadata file open a terminal::
cd [your path]/pysaml2/example/sp-repoze
make_metadata.py sp_conf.py > sp.xml
Important files:
application.py
which is the web application. In this case it will just print the
information provided by the IdP in a table.
sp_conf.py sp_conf.py
The SPs configuration The SPs configuration
who.ini who.ini
The repoze.who configuration file The repoze.who configuration file
And then there are two files with certificates, mykey.pem with the private Inside the folder named pki there are two files with certificates, mykey.pem with the private
certificate and mycert.pem with the public part. certificate and mycert.pem with the public part.
I'll go through these step by step. I'll go through these step by step.
The application sp_conf.py
--------------- ----------
Build to use the wsgiref's simple_server, which is fine for testing but
not for production.
SP configuration
----------------
The configuration is written as described in :ref:`howto_config`. It means among other The configuration is written as described in :ref:`howto_config`. It means among other
things that it's easily testable as to the correct syntax. things that it's easily testable as to the correct syntax.
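
Review bot: The lines removed under the old "The application" heading carried the statement that the example is built on wsgiref's simple_server, "which is fine for testing but not for production", and nothing added in this hunk replaces it. Keep that caveat, for instance next to the note that sp_conf.py runs on localhost port 8087. The rewritten pki sentence still says "mykey.pem with the private certificate"; mykey.pem is the private key and mycert.pem the certificate, and because both ship in the example folder the text should say they are for the example only. The sp-wsgi and sp-repoze steps are identical apart from the folder name, so one step list with the folder as a variable would be easier to keep in sync, and each "Go to the folder:" bullet needs "::" if the path under it is meant to render as a literal block like the terminal commands do.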
@@ -134,8 +151,9 @@ Change directory to where you have the configuration file and do ::
Repoze configuration who.ini
-------------------- -------
The file named who.ini is the repoze.who configuration file
I'm not going through the INI file format here. You should read I'm not going through the INI file format here. You should read
`Middleware Responsibilities <http://docs.repoze.org/who/2.0/middleware.html>`_ `Middleware Responsibilities <http://docs.repoze.org/who/2.0/middleware.html>`_
@@ -175,6 +193,23 @@ After this, the plugin is referenced in a couple of places::
Which means that the plugin is used in all phases. Which means that the plugin is used in all phases.
Run SP:
*******
Open a Terminal::
cd [your path]/pysaml2/example/sp-wsgi
python sp.py sp_conf
Note that you should not have the .py extension on the sp_conf.py while running the program
Now you should be able to open a web browser go to to service provider (if you didn't change sp_conf.py it should be: http://localhost:8087)
You should be redirected to the IDP and presented with a login screen.
You could enter Username:roland and Password:dianakra
All users are specified in idp.py in a dictionary named PASSWD
The application The application
--------------- ---------------
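
Review bot: The added login line "You could enter Username:roland and Password:dianakra" gives working credentials without saying they are sample accounts hard-coded in the PASSWD dictionary in idp.py. State that they exist for the local example only and that PASSWD has to be replaced before the IdP is reachable by anyone else. The Run SP steps also assume the IdP is already running and never say where the generated sp.xml and idp.xml have to go so each side can read the other's metadata; add that step, and add run instructions for sp-repoze, which Setup covers but this section does not. "go to to service provider" should read "and go to the service provider".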