UAA integrate with ADFS


Tina Zhang
 

Hi,

We have a Cloud Foundry v197 environment and want to integrate the UAA server with the existing ADFS. However, the UAA server does not work properly when we change uaa.yml from spring_profiles: postgresql to spring_profiles: default. We want to know the steps to integrate UAA with MS ADFS.

We have modified the UAA server as follows:


1. uaa.yml, change spring_profiles: postgresql to spring_profiles: default

name: uaa

database:
  url: jdbc:postgresql://10.8.52.65:5524/uaadb
  username: uaaadmin
  password: "c1oudc0w"

spring_profiles: default
#spring_profiles: postgresql

logging:
  config: /var/vcap/jobs/uaa/config/log4j.properties

...

2. In login.yml, add:
saml:
  entityID: https://XXXX/adfs/services/trust
  nameID: 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified'
  assertionConsumerIndex: 0
  signMetaData: true
  signRequest: true
  socket:
    connectionManagerTimeout: 10000
    soTimeout: 10000
  providers:
    openam-local:
      idpMetadata: https://XXXX/FederationMetadata/2007-06/FederationMetadata.xml
      nameID: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
      assertionConsumerIndex: 0
      signMetaData: false
      signRequest: false
      showSamlLoginLink: true


The error from uaa.log is as follows. Changing spring_profiles: postgresql to default causes openid to not be identified.

[2015-07-21 22:42:46.001] uaa - 9927 [localhost-startStop-1] .... ERROR --- YamlConfigurationValidator: Failed to load YAML validation bean. Your YAML file may be invalid.
Can't construct a java object for tag:yaml.org,2002:org.cloudfoundry.identity.uaa.UaaConfiguration; exception=Cannot create property=oauth for JavaBean=org.cloudfoundry.identity.uaa.UaaConfiguration@38ad5581; Cannot create property=openid for JavaBean=org.cloudfoundry.identity.uaa.UaaConfiguration$OAuth@40615f24; Unable to find property 'openid' on class: org.cloudfoundry.identity.uaa.UaaConfiguration$OAuth
in 'string', line 1, column 1:
oauth:
^


What are the steps to integrate the Cloud Foundry UAA server with MS ADFS?

Thanks,
Tina Zhang
