1 260
szerkesztés
Módosítások
a
It is easier to configure VidyoPortal by using friendly attribute names instead of OIDs, therefore use the <code>oid2name</code> ''AttributeMap'' for the transformation of attribute names. Edit ''metadata/saml20-idp-hosted.php'' as the following:
You should register For SP configuration, please follow your federation's guides or use [https://simplesamlphp.org/docs/stable/simplesamlphp-sp SimpleSAMLphp documentation] as a reference. Basically you will need to perform the following:* generate a key and a certificate for the proxy (SP metadata ) and configure SSP to use them;* register the proxy in your federation according :** you will need to use the SP certificate here;** your attribute requirements depend on what attributes you have configured in Vidyo previously;* configure the SP to refresh federation rules. Use (or eduGAIN) metadata regularly by using ''[https://simplesamlphp.org/docs/stable/simplesamlphp-automated_metadata metarefresh]'' for keeping the federation metadata up to date.
→Configure the SP part
You will need to configure SSP both as an IdP (in the direction of VidyoPortal) and an SP (for the federation).
== Configure SSP the IdP for VidyoPortal part ==Your proxy will be an IdP from the point of view of the VideoPortal. The IdP will use the SP part for authentication, thus you can login to the proxy by the federation.
Enable SAML2 IdP functionality in <code>config/config.php</code>:
openssl req -newkey rsa:2048 -new -x509 -days 3652 -nodes -out idp.crt -keyout idp.pem
'auth' => 'default-sp',
'privatekey' => 'idp.key',
200 => array('class' => 'core:AttributeMap', 'oid2name'),
),
It is recommended to configure VidyoPortal by using friendly attribute names (you don't want to write OIDs), therefore use the built-in <code>oid2name</code> ''AttributeMap'' for the transformation of attribute names.
Retrieve VidyoPortal metadata from the portal administration interface and save it as ''metadata/vidyo-sp.xml''. It needs to be referenced from ''config/config.php'':
[[File:VidyoAdmin3.png]]
== Configure SSP the SP for your federation part ==
In the IdP configuration, define you have referenced an authsource called ''default-sp''. This If you configure a SimpleSAMLphp SP with this identifier, the IdP settings above will direct the your users to their home IdP. '''TODO: explain'''
