UAA integrate with ADFS


Gwenn Etourneau
 

I am guessing a problem in your yaml file and the spring profile should
be 'saml,default,fileMetadata'
for saml no?
But I am not sure about the exact format

On Wed, Jul 22, 2015 at 8:28 AM, Zhang, Yuan <Yuan.Zhang(a)emc.com> wrote:



Tina Zhang
 

Hi,

We have a Cloud Foundry v197 environment and want to integrate the UAA server with an existing ADFS, but the UAA server does not work properly when we change uaa.yml from spring_profiles: postgresql to spring_profiles: default. We want to know the steps to integrate UAA with MS ADFS.

We have modified the UAA server as follows:


1. uaa.yml, change spring_profiles: postgresql to spring_profiles: default

    name: uaa

    database:
      url: jdbc:postgresql://10.8.52.65:5524/uaadb
      username: uaaadmin
      password: "c1oudc0w"

    spring_profiles: default
    #spring_profiles: postgresql

    logging:
      config: /var/vcap/jobs/uaa/config/log4j.properties

...

2. in login.yml, adding

    saml:
      entityID: https://XXXX/adfs/services/trust
      nameID: 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified'
      assertionConsumerIndex: 0
      signMetaData: true
      signRequest: true
      socket:
        connectionManagerTimeout: 10000
        soTimeout: 10000
      providers:
        openam-local:
          idpMetadata: https://XXXX/FederationMetadata/2007-06/FederationMetadata.xml
          nameID: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
          assertionConsumerIndex: 0
          signMetaData: false
          signRequest: false
          showSamlLoginLink: true


The error from uaa.log is as follows; changing spring_profiles: postgresql to default causes openid not to be identified.

[2015-07-21 22:42:46.001] uaa - 9927 [localhost-startStop-1] .... ERROR --- YamlConfigurationValidator: Failed to load YAML validation bean. Your YAML file may be invalid.
Can't construct a java object for tag:yaml.org,2002:org.cloudfoundry.identity.uaa.UaaConfiguration; exception=Cannot create property=oauth for JavaBean=org.cloudfoundry.identity.uaa.UaaConfiguration@38ad5581; Cannot create property=openid for JavaBean=org.cloudfoundry.identity.uaa.UaaConfiguration$OAuth@40615f24; Unable to find property 'openid' on class: org.cloudfoundry.identity.uaa.UaaConfiguration$OAuth
 in 'string', line 1, column 1:
    oauth:
    ^


What are the steps to integrate the Cloud Foundry UAA server with MS ADFS?

Thanks,
Tina Zhang