forked from easel/django-saml2-sp
-
Notifications
You must be signed in to change notification settings - Fork 2
/
INSTALL.txt
65 lines (50 loc) · 2.41 KB
/
INSTALL.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
ACKNOWLEDGEMENTS
================
First, special thanks for the idea and some starter code to:
http://robinelvin.wordpress.com/2009/09/04/saml-with-django/
M2Crypto
===============
M2Crypto is available as a system package for Ubuntu (at least on 9.10).
The name is 'python-m2crypto'. You can use the "Synaptic Package Manager" or
the "apt-get" command-line program to install it.
If that doesn't work, you can manually download and install it:
- M2Crypto @ http://chandlerproject.org/bin/view/Projects/MeTooCrypto
FOR PRE-EXISTING PROJECTS
=========================
For existing projects, you will also need to:
- Enable the Django auth system. (http://docs.djangoproject.com/en/dev/topics/auth/)
- Download and install the "saml2sp" app from this project site.
- Add this line to your top-level urlpatterns (in urls.py usually):
urlpatterns = patterns('',
...
(r'^sp/', include('saml2sp.urls')),
...
)
- Enable Web SSO login: Add or update this setting in settings.py:
LOGIN_URL = '/sp/sso/login/'
FOR THE INCLUDED SAMPLE PROJECT
===============================
This project comes with a working sample Django project called "sptest".
You can download it and run it as-is, using standard Django commands:
$ cd path/to/sptest
$ python manage.py syncdb
$ python manage.py runserver
OpenSSL Key and Certificate Files
=================================
OpenSSL signing requires creation of a key and a certificate file. The "keys"
folder contains the "mk_keys.sh" Bash Script, which will walk you through the
process. (Sorry, I don't have any help for non-linux users, but I would be
happy to include it, if someone contributes it.)
You can turn on the "signing" feature by adding this entry to your settings.py:
SAML2IDP_SIGNING = True
SAML2IDP_PRIVATE_KEY_FILE = '/absolute/path/to/private-key.pem'
SAML2IDP_CERTIFICATE_FILE = '/absolute/path/to/certificate.pem'
When signing is enabled, the "saml2idp" views will be signed with the key and
the certificate; in other words, this Identity Provider will identify itself
much more securely.
INTEGRATION WITH django-saml2-idp
================================
A reference Identity Provider has been implementated in the django-saml2-idp project
at http://code.google.com/p/django-saml2-idp/. (Or will be soon.)
You can run that sample project at the same time as the sample project here.
See the INSTALL.txt file in the django-saml2-idp project for more information.