98 lines
3.5 KiB
YAML
98 lines
3.5 KiB
YAML
module: satosa.backends.saml2.SAMLBackend
|
|
name: idp
|
|
config:
|
|
entityid_endpoint: true
|
|
mirror_force_authn: true
|
|
memorize_idp: no
|
|
use_memorized_idp_when_force_authn: no
|
|
send_requester_id: true
|
|
enable_metadata_reload: false
|
|
acs_selection_strategy: use_first_acs
|
|
|
|
sp_config:
|
|
name: SATOSA Proxy SP (Backend)
|
|
description: zididp.uni-graz.at
|
|
key_file: ssl/sp.key
|
|
cert_file: ssl/sp.crt
|
|
organization:
|
|
display_name: zididp.uni-graz.at
|
|
name: SATOSA Proxy SP (Backend)
|
|
url: "https://zididp.uni-graz.at"
|
|
|
|
metadata:
|
|
local:
|
|
- metadata/login.uni-graz.at.xml
|
|
# - metadata/devlogin.uni-graz.at.xml
|
|
|
|
entityid: <base_url>/<name>/proxy_saml2_backend.xml
|
|
accepted_time_diff: 60
|
|
attribute_map_dir: attributemaps
|
|
|
|
service:
|
|
sp:
|
|
authn_requests_signed: true
|
|
want_response_signed: true
|
|
allow_unsolicited: true
|
|
endpoints:
|
|
assertion_consumer_service:
|
|
- [ <base_url>/<name>/acs/post, urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST ]
|
|
|
|
name_id_format:
|
|
- urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:transient
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
|
|
name_id_policy_format: urn:oasis:names:tc:SAML:2.0:nameid-format:transient
|
|
|
|
requested_attributes:
|
|
- friendly_name: givenName
|
|
name: urn:oid:2.5.4.42
|
|
name_format: urn:oasis:names:tc:SAML:2.0:attrname-format:uri
|
|
|
|
- friendly_name: sn
|
|
name: urn:oid:2.5.4.4
|
|
name_format: urn:oasis:names:tc:SAML:2.0:attrname-format:uri
|
|
|
|
- friendly_name: mail
|
|
name: urn:oid:0.9.2342.19200300.100.1.3
|
|
name_format: urn:oasis:names:tc:SAML:2.0:attrname-format:uri
|
|
|
|
- friendly_name: displayName
|
|
name: urn:oid:2.16.840.1.113730.3.1.241
|
|
name_format: urn:oasis:names:tc:SAML:2.0:attrname-format:uri
|
|
|
|
- friendly_name: eduPersonPrincipalName
|
|
name: urn:oid:1.3.6.1.4.1.5923.1.1.1.6
|
|
name_format: urn:oasis:names:tc:SAML:2.0:attrname-format:uri
|
|
|
|
- friendly_name: eduPersonUniqueId
|
|
name: urn:oid:1.3.6.1.4.1.5923.1.1.1.13
|
|
name_format: urn:oasis:names:tc:SAML:2.0:attrname-format:uri
|
|
|
|
- friendly_name: eduPersonScopedAffiliation
|
|
name: urn:oid:1.3.6.1.4.1.5923.1.1.1.9
|
|
name_format: urn:oasis:names:tc:SAML:2.0:attrname-format:uri
|
|
|
|
- friendly_name: schacPersonalUniqueCode
|
|
name: urn:oid:1.3.6.1.4.1.25178.1.2.14
|
|
name_format: urn:oasis:names:tc:SAML:2.0:attrname-format:uri
|
|
|
|
- friendly_name: SAPemployeeNumber
|
|
name: urn:oid:1.3.6.1.4.1.56980.4950.4.16.143050.6.13
|
|
name_format: urn:oasis:names:tc:SAML:2.0:attrname-format:uri
|
|
|
|
- friendly_name: PKemployeeNumber
|
|
name: urn:oid:1.3.6.1.4.1.56980.4950.4.16.143050.6.14
|
|
name_format: urn:oasis:names:tc:SAML:2.0:attrname-format:uri
|
|
|
|
- friendly_name: UGOemployeeNumber
|
|
name: urn:oid:1.3.6.1.4.1.56980.4950.4.16.143050.6.15
|
|
name_format: urn:oasis:names:tc:SAML:2.0:attrname-format:uri
|
|
|
|
- friendly_name: uid
|
|
name: urn:oid:0.9.2342.19200300.100.1.1
|
|
name_format: urn:oasis:names:tc:SAML:2.0:attrname-format:uri
|
|
|
|
- friendly_name: cn
|
|
name: urn:oid:2.5.4.3
|
|
name_format: urn:oasis:names:tc:SAML:2.0:attrname-format:uri
|