cmrockwell opened a new pull request #51: SAML2 Service Provider Pull Request
URL: https://github.com/apache/sling-whiteboard/pull/51

The intent of this PR is to get it reviewed and provide me with valuable feedback about making it better, and ideally getting direct support from Sling Developers. It should work with minimal configurations.

**Apache Felix JAAS Configuration Factory**

jaas.controlFlag=sufficient
jaas.ranking=110
jaas.realmName=jackrabbit.oak
jaas.classname=org.apache.sling.auth.saml2.sync.Saml2LoginModule

**Service User & Mapping**

Create a user saml2-user-mgt, and grant the user jcr:all access to /home
Create a Service Mapping org.apache.sling.auth.saml2:Saml2UserMgtService=saml2-user-mgt

**SAML2 Service Provider (SP) Configuration**

Defaults should be good. But the config does need to be saved.

path=http://localhost:8080/
entityID=http://localhost:8080/
saml2userIDAttr=username
saml2userIDAttr=/home/users/saml
saml2groupMembershipAttr=urn:oid:2.16.840.1.113719.1.1.4.1.25
saml2SessionAttr=saml2AuthInfo
saml2IDPDestination=http://localhost:8080/idp/profile/SAML2/Redirect/SSO
saml2SPEnabled=true

**Open Questions that I need help with**

1) Keystore (/resource/SPKeystore.jks) is hard-coded. Can you make any recommendation or refer me to reference projects that would make this configurable?
2) I tried over and over to understand how to make use of Oak's External Identity Provider, External Login Module, and User Sync. If this is really important to do and some developer could help, I would really appreciate it.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]

With regards,
Apache Git Services
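On open question 1 in the message above, one way to replace a keystore bundled in the jar with a configurable one is an OSGi Declarative Services component whose Metatype configuration supplies the file path and password. This is an added example, not code from the PR or from Sling; the class name `SpKeyStoreProvider` and the properties `keystorePath` and `keystorePassword` are hypothetical, and the JKS type is assumed from the `.jks` file name in the message.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyStore;

import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.metatype.annotations.AttributeDefinition;
import org.osgi.service.metatype.annotations.AttributeType;
import org.osgi.service.metatype.annotations.Designate;
import org.osgi.service.metatype.annotations.ObjectClassDefinition;

// Hypothetical component: loads the SP keystore from a path set in OSGi
// configuration, so no private key has to ship inside the bundle.
@Component(service = SpKeyStoreProvider.class)
@Designate(ocd = SpKeyStoreProvider.Config.class)
public class SpKeyStoreProvider {

    @ObjectClassDefinition(name = "SAML2 SP Keystore (example)")
    public @interface Config {
        @AttributeDefinition(name = "Keystore path on the local file system")
        String keystorePath() default "";

        // PASSWORD type asks configuration UIs to mask the value.
        @AttributeDefinition(name = "Keystore password", type = AttributeType.PASSWORD)
        String keystorePassword() default "";
    }

    private KeyStore keyStore;

    @Activate
    protected void activate(Config config) throws IOException, GeneralSecurityException {
        if (config.keystorePath().isEmpty()) {
            // Fail closed: no silent fallback to a keystore packaged in the jar.
            throw new IllegalStateException("keystorePath is not configured");
        }
        KeyStore ks = KeyStore.getInstance("JKS"); // assumed from SPKeystore.jks
        try (InputStream in = Files.newInputStream(Paths.get(config.keystorePath()))) {
            ks.load(in, config.keystorePassword().toCharArray());
        }
        keyStore = ks;
    }

    public KeyStore getKeyStore() {
        return keyStore;
    }
}
```

The keystore file should be readable only by the account running the Sling instance, since it holds the SP's private key.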
