Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- :saml_authenticatable, :trackable
- devise :registerable, :confirmable, :recoverable,
- :rememberable, :trackable, :validatable, :database_authenticatable,
- :saml_authenticatable, :trackable
- Devise.setup do |config|
- ...
- # ==> Configuration for :saml_authenticatable
- # Create user if the user does not exist. (Default is false)
- config.saml_create_user = true
- # Update the attributes of the user after a successful login. (Default is false)
- config.saml_update_user = true
- # Set the default user key. The user will be looked up by this key. Make
- # sure that the Authentication Response includes the attribute.
- config.saml_default_user_key = :email
- # Optional. This stores the session index defined by the IDP during login. If provided it will be used as a salt
- # for the user's session to facilitate an IDP initiated logout request.
- config.saml_session_index_key = :session_index
- # You can set this value to use Subject or SAML assertation as info to which email will be compared
- # If you don't set it then email will be extracted from SAML assertation attributes
- config.saml_use_subject = true
- # You can support multiple IdPs by setting this value to a class that implements a #settings method which takes
- # an IdP entity id as an argument and returns a hash of idp settings for the corresponding IdP.
- config.idp_settings_adapter = nil
- # You provide you own method to find the idp_entity_id in a SAML message in the case of multiple IdPs
- # by setting this to a custom reader class, or use the default.
- # config.idp_entity_id_reader = DeviseSamlAuthenticatable::DefaultIdpEntityIdReader
- # You can set a handler object that takes the response for a failed SAML request and the strategy,
- # and implements a #handle method. This method can then redirect the user, return error messages, etc.
- # config.saml_failed_callback = nil
- # Configure with your SAML settings (see [ruby-saml][] for more information).
- config.saml_configure do |settings|
- settings.assertion_consumer_service_url = "http://localhost:3000/users/saml/auth"
- settings.assertion_consumer_service_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
- settings.name_identifier_format = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
- settings.issuer = "http://localhost:3000/saml/metadata"
- settings.authn_context = ""
- settings.idp_slo_target_url = "http://localhost/simplesaml/www/saml2/idp/SingleLogoutService.php"
- settings.idp_sso_target_url = "http://localhost/simplesaml/www/saml2/idp/SSOService.php"
- settings.idp_cert = <<-CERT.chomp
- -----BEGIN CERTIFICATE-----
- 1111111111111111111111111111111111111111111111111111111111111111
- 1111111111111111111111111111111111111111111111111111111111111111
- 1111111111111111111111111111111111111111111111111111111111111111
- 1111111111111111111111111111111111111111111111111111111111111111
- 1111111111111111111111111111111111111111111111111111111111111111
- 1111111111111_______IDP_CERTIFICATE________111111111111111111111
- 1111111111111111111111111111111111111111111111111111111111111111
- 1111111111111111111111111111111111111111111111111111111111111111
- 1111111111111111111111111111111111111111111111111111111111111111
- 1111111111111111111111111111111111111111111111111111111111111111
- 1111111111111111111111111111111111111111111111111111111111111111
- 1111111111111111111111111111111111111111111111111111111111111111
- 1111111111111111111111111111111111111111111111111111111111111111
- 111111111111111111
- -----END CERTIFICATE-----
- CERT
- end
- end
- "urn:mace:dir:attribute-def:uid": "user_name"
- "urn:mace:dir:attribute-def:email": "email"
- "urn:mace:dir:attribute-def:name": "last_name"
- "urn:mace:dir:attribute-def:givenName": "name"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement