
Untitled

a guest
Feb 22nd, 2017
  1. :saml_authenticatable, :trackable
  2.  
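  # Devise modules enabled on the user model.
  # :trackable appeared twice in the original list; it is listed once here.
  # NOTE(review): :database_authenticatable, :registerable and :recoverable stay
  # enabled next to :saml_authenticatable, so local password sign-in,
  # self-registration and password reset remain available alongside IdP login.
  # Remove them if SAML is meant to be the only way into the application.
  devise :registerable, :confirmable, :recoverable,
         :rememberable, :trackable, :validatable,
         :database_authenticatable, :saml_authenticatable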
  6.  
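  # Devise initializer excerpt: options for the :saml_authenticatable strategy
  # and the ruby-saml service-provider settings it passes through.
  Devise.setup do |config|
    # ... (other Devise settings elided in the source)

    # ==> Configuration for :saml_authenticatable

    # Create user if the user does not exist. (Default is false)
    # NOTE(review): with this enabled, any subject the IdP asserts gets a local
    # account on first login, so account creation is delegated entirely to the IdP.
    config.saml_create_user = true

    # Update the attributes of the user after a successful login. (Default is false)
    # NOTE(review): every mapped attribute is taken from the assertion on each
    # login; keep the attribute map limited to fields the IdP should control.
    config.saml_update_user = true

    # Set the default user key. The user will be looked up by this key. Make
    # sure that the Authentication Response includes the attribute.
    config.saml_default_user_key = :email

    # Optional. This stores the session index defined by the IdP during login.
    # If provided it will be used as a salt for the user's session to facilitate
    # an IdP-initiated logout request.
    config.saml_session_index_key = :session_index

    # Use the Subject of the SAML assertion as the value the email is compared
    # against. If unset, the email is extracted from the SAML assertion attributes.
    # NOTE(review): name_identifier_format below requests a transient NameID,
    # which SAML defines as an opaque, temporary identifier rather than an
    # e-mail address. Combined with saml_default_user_key = :email and
    # saml_create_user = true, a subject that changes between sessions would not
    # match an existing account. Confirm what the IdP actually sends as NameID,
    # or request an e-mail/persistent format, or set this to false and rely on
    # the mapped email attribute.
    config.saml_use_subject = true

    # You can support multiple IdPs by setting this value to a class that
    # implements a #settings method which takes an IdP entity id as an argument
    # and returns a hash of IdP settings for the corresponding IdP.
    config.idp_settings_adapter = nil

    # You can provide your own method to find the idp_entity_id in a SAML
    # message in the case of multiple IdPs by setting this to a custom reader
    # class, or use the default.
    # config.idp_entity_id_reader = DeviseSamlAuthenticatable::DefaultIdpEntityIdReader

    # You can set a handler object that takes the response for a failed SAML
    # request and the strategy, and implements a #handle method. This method can
    # then redirect the user, return error messages, etc.
    # config.saml_failed_callback = nil

    # Configure with your SAML settings (see ruby-saml for more information).
    # NOTE(review): every URL below is a plain-http localhost development value.
    # The HTTP-POST binding carries the assertion through the browser, so a
    # deployed setup should use https endpoints for both the SP and the IdP.
    config.saml_configure do |settings|
      settings.assertion_consumer_service_url = "http://localhost:3000/users/saml/auth"
      settings.assertion_consumer_service_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
      settings.name_identifier_format = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
      settings.issuer = "http://localhost:3000/saml/metadata"
      # NOTE(review): empty string, presumably meaning "no specific
      # authentication context requested" - confirm how ruby-saml treats "" versus nil.
      settings.authn_context = ""
      settings.idp_slo_target_url = "http://localhost/simplesaml/www/saml2/idp/SingleLogoutService.php"
      settings.idp_sso_target_url = "http://localhost/simplesaml/www/saml2/idp/SSOService.php"
      # Placeholder PEM body: replace it with the IdP's real signing certificate,
      # obtained over a trusted channel. The IdP's signatures are checked against
      # this value. The heredoc body stays at column 0 so the PEM text is unchanged.
      settings.idp_cert = <<-CERT.chomp
-----BEGIN CERTIFICATE-----
1111111111111111111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
1111111111111_______IDP_CERTIFICATE________111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
111111111111111111
-----END CERTIFICATE-----
      CERT
    end
  end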
  70.  
  # SAML attribute name -> user model field.
  # NOTE(review): the initializer above sets saml_create_user and
  # saml_update_user to true, so each field listed here is filled from the
  # IdP's assertion. Map only fields the IdP should be authoritative for.
  # NOTE(review): "name" maps to last_name and "givenName" to name - confirm
  # this pairing is intended.
  'urn:mace:dir:attribute-def:uid': user_name
  'urn:mace:dir:attribute-def:email': email
  'urn:mace:dir:attribute-def:name': last_name
  'urn:mace:dir:attribute-def:givenName': name