f64dc8e050
Fixed the "starting" URL referenced in README - /whoami does not exist any more, so following the instructions gave a "Not Found" error. Re-ordered the README sections to put things needed most often or by more users up front; moved things most people will not need to know towards the end. (Very little content is new/changed; most is just rearranged.) Updated create_key.sh to be more test-friendly, and document how to deploy newly generated keys; added a pointer to it in README.
41 lines
1.2 KiB
Plaintext
41 lines
1.2 KiB
Plaintext
This is a very simple setup just to check that all your gear are in order.
|
|
|
|
The setup consists of one IdP and one SP, in idp2/ and sp-wsgi/ respectively.
|
|
|
|
To run the setup do:
|
|
|
|
./all.sh start
|
|
|
|
and then use your favourite webbrowser to look at "http://localhost:8087/"
|
|
|
|
To shut it down do:
|
|
|
|
./all.sh stop
|
|
|
|
The IdP authenticates users using a dictionary built in to idp2/idp.py;
|
|
look for the dictionary called PASSWD inside that file.
|
|
|
|
Other metadata about the accounts (names, email addresses, etc) are
|
|
stored in idp2/idp_user.py. (Note, not all accounts have all such data
|
|
defined.)
|
|
|
|
The username:password pairs in PASSWD:
|
|
|
|
haho0032:qwerty
|
|
roland:dianakra
|
|
babs:howes
|
|
upper:crust
|
|
|
|
The SP doesn't do anything but show you the information that the IdP sent.
|
|
|
|
Note, the listeners are all configured to bind to localhost (127.0.0.1) only.
|
|
If you want to be able to connect to them externally, grep "HOST = '127.0.0.1'"
|
|
example/*/*.py and replace 127.0.0.1 with 0.0.0.0 or a specific IP.
|
|
|
|
To make it easy, for me :-), both the IdP and the SP uses the same keys.
|
|
To generate new keys, run create_key.sh and follow its instructions.
|
|
|
|
There are alternate IdP and SP configs in idp2_repoze/ and sp-repoze/ that
|
|
are still in flux; do not use them unless you know what you are doing.
|
|
|