Cubicweb-SAML
=============
SAML2 authentifier for cubicweb. This cube allow to authenticate from a SAML2
provider with cubicweb login form.
Installation
------------
The first step is to install cubicweb-saml into your python environment:
::
pip install cubicweb-saml
To add this cube into your cubicweb instance:
::
cubicweb-ctl shell <your_app>
>>> add_cube('saml')
>>> exit
To generate SAML related option in all-in-one.conf:
::
cubicweb-ctl upgrade <your_app>
Configuration
-------------
To configure cubicweb-saml metadata, open ``sources.conf`` from cubicweb
instances folder (by default ``$HOME/etc/cubicweb.d/<instance>``):
::
[SAML]
# SAML v2 metadata uri which can be read from a file (file://<absolute_path>)
# or retrieved from a specific URL(http[s]://...)
saml-metadata-uri=
# The globally unique identifier of the entity.
saml-entity-id=
To configure cubicweb-saml options, open ``all-in-one.conf`` in the same
directory:
::
[SAML]
# Don't verify that the incoming requests originate from us via the built-in
# cache for authn request ids in pysaml2
saml-allow-unsolicited=yes
# Indicates if the Authentication Requests sent by this SP should be signed by
# default.
saml-authn-requests-signed=no
# Indicates if this entity will sign the Logout Requests originated from it.
saml-logout-requests-signed=yes
# Indicates if this SP wants the IdP to send the assertions signed. This sets
# the WantAssertionsSigned attribute of the SPSSODescriptor node of the
# metadata so the IdP will know this SP preference.
saml-want-assertions-signed=yes
# Indicates that Authentication Responses to this SP must be signed. If set to
# True, the SP will not consume any SAML Responses that are not signed.
saml-want-response-signed=no
# Allow to register a new user
# if this one does not exist in current database.
saml-register-unknown-user=no
# Set the default group to register new user
# if the saml-register-unknown-user option was activated.
saml-register-default-group=guests
# Set the default password system to use if the saml-register-unknown-user
# option was activated (available values: empty, random).
saml-register-default-password=empty
Raw data
{
"_id": null,
"home_page": "https://forge.extranet.logilab.fr/cubicweb/cubes/cubicweb-saml",
"name": "cubicweb-saml",
"maintainer": null,
"docs_url": null,
"requires_python": null,
"maintainer_email": null,
"keywords": null,
"author": "LOGILAB S.A. (Paris, FRANCE)",
"author_email": "contact@logilab.fr",
"download_url": "https://files.pythonhosted.org/packages/a2/6a/cdf47315d48bace8cc94861855b6b123fdd74f59337bdf76005506b17b24/cubicweb-saml-1.0.1.tar.gz",
"platform": null,
"description": "Cubicweb-SAML\n=============\nSAML2 authentifier for cubicweb. This cube allow to authenticate from a SAML2\nprovider with cubicweb login form.\n\nInstallation\n------------\nThe first step is to install cubicweb-saml into your python environment:\n::\n\n pip install cubicweb-saml\n\nTo add this cube into your cubicweb instance:\n::\n\n cubicweb-ctl shell <your_app>\n >>> add_cube('saml')\n >>> exit\n\nTo generate SAML related option in all-in-one.conf:\n::\n\n cubicweb-ctl upgrade <your_app>\n\nConfiguration\n-------------\nTo configure cubicweb-saml metadata, open ``sources.conf`` from cubicweb\ninstances folder (by default ``$HOME/etc/cubicweb.d/<instance>``):\n::\n\n [SAML]\n\n # SAML v2 metadata uri which can be read from a file (file://<absolute_path>)\n # or retrieved from a specific URL(http[s]://...)\n saml-metadata-uri=\n\n # The globally unique identifier of the entity.\n saml-entity-id=\n\nTo configure cubicweb-saml options, open ``all-in-one.conf`` in the same\ndirectory:\n::\n\n [SAML]\n\n # Don't verify that the incoming requests originate from us via the built-in\n # cache for authn request ids in pysaml2\n saml-allow-unsolicited=yes\n\n # Indicates if the Authentication Requests sent by this SP should be signed by\n # default.\n saml-authn-requests-signed=no\n\n # Indicates if this entity will sign the Logout Requests originated from it.\n saml-logout-requests-signed=yes\n\n # Indicates if this SP wants the IdP to send the assertions signed. This sets\n # the WantAssertionsSigned attribute of the SPSSODescriptor node of the\n # metadata so the IdP will know this SP preference.\n saml-want-assertions-signed=yes\n\n # Indicates that Authentication Responses to this SP must be signed. If set to\n # True, the SP will not consume any SAML Responses that are not signed.\n saml-want-response-signed=no\n\n # Allow to register a new user\n # if this one does not exist in current database.\n saml-register-unknown-user=no\n\n # Set the default group to register new user\n # if the saml-register-unknown-user option was activated.\n saml-register-default-group=guests\n\n # Set the default password system to use if the saml-register-unknown-user\n # option was activated (available values: empty, random).\n saml-register-default-password=empty\n",
"bugtrack_url": null,
"license": "LGPL",
"summary": "SAML2 authentifier",
"version": "1.0.1",
"project_urls": {
"Homepage": "https://forge.extranet.logilab.fr/cubicweb/cubes/cubicweb-saml"
},
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "e7d58c15fc96d8b696f1232c3162207e8ef14611a68df8ec265c89d0dd66592c",
"md5": "a69816eb51bcc31739191feb63cc875d",
"sha256": "d70e50fa1122d6cb47e3509954ccb6b32499abc3cfe42dc5e8ac488546f889eb"
},
"downloads": -1,
"filename": "cubicweb_saml-1.0.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "a69816eb51bcc31739191feb63cc875d",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": null,
"size": 15287,
"upload_time": "2024-04-03T13:49:29",
"upload_time_iso_8601": "2024-04-03T13:49:29.709994Z",
"url": "https://files.pythonhosted.org/packages/e7/d5/8c15fc96d8b696f1232c3162207e8ef14611a68df8ec265c89d0dd66592c/cubicweb_saml-1.0.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "a26acdf47315d48bace8cc94861855b6b123fdd74f59337bdf76005506b17b24",
"md5": "2746f74d1618a717f9bdb32f9ffb8b71",
"sha256": "1e3369045898363085cc172f333b522437474ffefd0f886aa1b5319f7e11964f"
},
"downloads": -1,
"filename": "cubicweb-saml-1.0.1.tar.gz",
"has_sig": false,
"md5_digest": "2746f74d1618a717f9bdb32f9ffb8b71",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 12909,
"upload_time": "2024-04-03T13:49:31",
"upload_time_iso_8601": "2024-04-03T13:49:31.001054Z",
"url": "https://files.pythonhosted.org/packages/a2/6a/cdf47315d48bace8cc94861855b6b123fdd74f59337bdf76005506b17b24/cubicweb-saml-1.0.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-04-03 13:49:31",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "cubicweb-saml"
}
JSON