UAA and ADFS


Maaz Khan <maazkhansgsits@...>
 

Hello,

We want to integrate UAA with our ADFS for authentication purposes. Is there
a walkthrough on how to do it?

I read that UAA supports SAML and LDAP. There is a bunch of information
regarding LDAP and UAA integration, but I couldn't find much info regarding
SAML.

Can someone please provide some pointers on how one can go about
integrating ADFS or a SAML configuration with UAA?

Thanks
Maaz


Filip Hanik
 

We will work on improving our documentation; SAML configuration is pretty
straightforward.

Here is an example of where I have 4 different providers configured.

https://github.com/fhanik/cf-release-manifests/blob/master/saml/saml-01-four-providers.yml

I think the only requirement for ADFS is that entityID has to be a URL. So
you may have to add this property
https://github.com/cloudfoundry/cf-release/blob/master/jobs/uaa/spec#L329


Filip

On Tue, Jun 30, 2015 at 6:02 PM, Maaz Khan <maazkhansgsits(a)gmail.com> wrote:
_______________________________________________
cf-dev mailing list
cf-dev(a)lists.cloudfoundry.org
https://lists.cloudfoundry.org/mailman/listinfo/cf-dev


Maaz
 

Hi Filip,

Thanks for the links.
Here is what I did.

Checked out the UAA code from git.
In the resource/uaa.yml file I made this change to reflect the use of SAML:

  spring_profiles: saml

In login.yml I have populated these entries:

  saml:
    entityID: https://qeadfs1.qengis.xxxxxx.com/adfs/services/trust
    nameID: 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified'
    assertionConsumerIndex: 0
    signMetaData: true
    signRequest: true
    socket:
      # URL metadata fetch - pool timeout
      connectionManagerTimeout: 10000
      # URL metadata fetch - read timeout
      soTimeout: 10000
    #BEGIN SAML PROVIDERS
    providers:
      openam-local:
        idpMetadata: https://qeadfs1.qengis.xxxxxx.com/FederationMetadata/2007-06/FederationMetadata.xml
        nameID: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
        assertionConsumerIndex: 0
        signMetaData: false
        signRequest: false
        showSamlLoginLink: true
        linkText: 'Log in with OpenAM'

Now when I run UAA locally and hit the URL http://localhost:8080/uaa/login I get this error:
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'applicationProperties' defined in class path resource [spring/env.xml]: Cannot resolve reference to bean 'platformProperties' while setting bean property 'propertiesArray' with key [0]; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'platformProperties' is defined

Given that I have:

  Entity ID: https://qeadfs1.qengis.xxxxxx.com/adfs/services/trust
  Federation metadata from ADFS: https://qeadfs1.qengis.xxxxxx.com/FederationMetadata/2007-06/FederationMetadata.xml

What will be the correct steps to integrate with ADFS?

Thanks
Maaz


Filip Hanik
 

change

spring_profiles: saml

to

spring_profiles: default

On Wed, Jul 1, 2015 at 3:08 PM, Khan, Maaz <Maaz.Khan(a)emc.com> wrote:


Filip Hanik
 

We don't use 'saml' as a profile anymore; that is gone. If it exists in the
documentation we must remove it.

On Wed, Jul 1, 2015 at 3:10 PM, Filip Hanik <fhanik(a)pivotal.io> wrote:
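As an added example (not code from this thread or from the UAA project), here is a small Python pre-flight check that encodes the two points made above: the 'saml' Spring profile no longer exists (use 'default') and ADFS requires the entityID to be a URL. It also parses IdP federation metadata (a constructed, trimmed sample in the shape ADFS publishes, with placeholder hostnames) to confirm that the nameID format a provider block asks for is one the IdP advertises; the config dict, hostnames and helper names are assumptions.

```python
# Added example (not UAA code): sanity-check a UAA SAML config against IdP metadata.
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata"}

# Constructed, trimmed stand-in for ADFS FederationMetadata.xml (placeholder host).
SAMPLE_IDP_METADATA = """<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://adfs.example.com/adfs/services/trust">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
    <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
  </IDPSSODescriptor>
</EntityDescriptor>"""

# Constructed stand-in for the relevant uaa.yml / login.yml keys, mirroring the thread
# (the removed 'saml' profile, and the IdP's own entityID reused as the SP entityID).
SAMPLE_CONFIG = {
    "spring_profiles": "saml",
    "saml": {
        "entityID": "https://adfs.example.com/adfs/services/trust",
        "providers": {"adfs": {"nameID": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"}},
    },
}

def parse_idp_metadata(xml_text):
    # Return the IdP entityID and the NameID formats it advertises.
    root = ET.fromstring(xml_text)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("metadata has no IDPSSODescriptor; not an IdP")
    formats = [e.text.strip() for e in idp.findall("md:NameIDFormat", NS)]
    return {"entityID": root.get("entityID"), "nameid_formats": formats}

def is_url(value):
    p = urlparse(value or "")
    return p.scheme in ("http", "https") and bool(p.netloc)

def check_config(config, idp_metadata_xml):
    # Return a list of problems; an empty list means all checks passed.
    problems = []
    if "saml" in config.get("spring_profiles", "").split(","):
        problems.append("spring_profiles: the 'saml' profile no longer exists; use 'default'")
    idp = parse_idp_metadata(idp_metadata_xml)
    sp_entity = config["saml"].get("entityID")
    if not is_url(sp_entity):
        problems.append("saml.entityID must be a URL for ADFS")
    elif sp_entity == idp["entityID"]:
        # Not raised in the thread: the SP needs its own identifier, distinct from the IdP's.
        problems.append("saml.entityID equals the IdP entityID; give UAA its own SP identifier")
    for name, prov in config["saml"]["providers"].items():
        if prov.get("nameID") not in idp["nameid_formats"]:
            problems.append(f"provider {name}: nameID format not advertised by the IdP")
    return problems
```

Run `check_config(SAMPLE_CONFIG, SAMPLE_IDP_METADATA)` to see the problems for the configuration as posted; with `spring_profiles: default` and a distinct SP entityID it returns an empty list.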