
The UserIdentityBackend module of the Whydah IAM/SSO


Cantara/Whydah-UserIdentityBackend

 
 


Project Status: Active – The project has reached a stable, usable state and is being actively developed.

Stores UserIdentities and their relation to Roles, Applications and Organizations. Requires SecurityTokenService if authorization is turned on.

Architectural Overview

Installation

  • create a user for the service

  • create update-service.sh

    #!/bin/bash
    # bash is required: the [[ ... == *SNAPSHOT* ]] pattern match below is not POSIX sh.

    A=UserIdentityBackend
    V=SNAPSHOT

    if [[ $V == *SNAPSHOT* ]]; then
       echo 'Note: If the artifact version contains "SNAPSHOT" - the latest snapshot artifact is downloaded, irrespective of version number!!!'
       path="http://mvnrepo.cantara.no/content/repositories/snapshots/net/whydah/identity/$A"
       # Newest snapshot version listed in the repository metadata
       version=$(curl -s "$path/maven-metadata.xml" | grep "<version>" | sed "s/.*<version>\([^<]*\)<\/version>.*/\1/" | tail -n 1)
       echo "Version $version"
       # Timestamped build identifier of that snapshot
       build=$(curl -s "$path/$version/maven-metadata.xml" | grep '<value>' | head -1 | sed "s/.*<value>\([^<]*\)<\/value>.*/\1/")
       JARFILE="$A-$build.jar"
       url="$path/$version/$JARFILE"
    else # A specific release version
       path="http://mvnrepo.cantara.no/content/repositories/releases/net/whydah/identity/$A"
       url="$path/$V/$A-$V.jar"
       JARFILE="$A-$V.jar"
    fi

    # Download (plain HTTP; this script does not verify a checksum or signature)
    echo "Downloading $url"
    wget -O "$JARFILE" -q -N "$url"

    # Create symlink or replace existing symlink
    if [ -h "$A.jar" ]; then
       unlink "$A.jar"
    fi
    ln -s "$JARFILE" "$A.jar"

  • create useridentitybackend.TEST.properties - TODO Decide which mode should be described here...
    DEFCON=5
    # Normal operations
    prop.type=DEV

    ldap.embedded=true
    ldap.embedded.port=11389
    ldap.embedded.directory=target/bootstrapdata/ldap
    ldap.primary.url=ldap://localhost:11389/dc=people,dc=whydah,dc=no
    ldap.primary.admin.principal=uid=admin,ou=system
    ldap.primary.admin.credentials=secret
    ldap.primary.uid.attribute=uid
    ldap.primary.username.attribute=initials
    ldap.primary.readonly=false

    roledb.directory=target/bootstrapdata/hsqldb
    roledb.jdbc.driver=org.hsqldb.jdbc.JDBCDriver
    roledb.jdbc.url=jdbc:hsqldb:file:target/bootstrapdata/hsqldb/roles
    roledb.jdbc.user=sa
    roledb.jdbc.password=

    import.enabled=true
    import.usersource=testdata/users.csv
    import.rolemappingsource=testdata/rolemappings.csv
    import.applicationssource=testdata/applications.csv
    import.organizationssource=testdata/organizations.csv

    useradmin.requiredrolename=WhydahUserAdmin

    adduser.defaultrole.name=WhydahDefaultUser
    adduser.defaultrole.value=true
    adduser.defaultapplication.name=WhydahTestWebApplication
    adduser.defaultapplication.id=99
    adduser.defaultorganization.name=Whydah

    adduser.netiq.defaultrole.name=Employee
    adduser.netiq.defaultrole.value=$email  // Not used placeholder
    adduser.netiq.defaultapplication.name=ACS
    adduser.netiq.defaultapplication.id=100
    adduser.netiq.defaultorganization.name=ACSOrganization

    adduser.facebook.defaultrole.name=FBData
    adduser.facebook.defaultrole.value=$fbdata  // Not used placeholder
    adduser.facebook.defaultapplication.name=WhydahTestWebApplication
    adduser.facebook.defaultapplication.id=99
    adduser.facebook.defaultorganization.name=Facebook

    securitytokenservice=mock
    ssologinservice=http://localhost:9997/sso/
    myuri=http://localhost:9995/uib/
    service.port=9995
    lucene.directory=target/bootstrapdata/lucene

  • create start-service.sh (normal/prod mode)
    #!/bin/bash

    # Used by https://github.com/Cantara/Whydah/tree/master/dev-quickstart

    # If Version is from source, find the artifact
    if [ "$Version" = "FROM_SOURCE" ]; then
        # Find the built artifact
        Version=$(find target/* -name '*.jar' | grep SNAPSHOT | grep -v original | grep -v lib)
    else
        Version=UserIdentityBackend.jar
    fi

    # $env_vars is left unquoted on purpose so it expands to separate JVM arguments
    nohup /usr/bin/java $env_vars  -jar  "$Version" &

    # DEV mode
    # nohup /usr/bin/java $env_vars  -DCONSTRETTO_TAGS=DEV -jar  "$Version" &
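
An added example, not part of the Whydah project: a preflight check that a start script could run before launching UIB in normal/prod mode, failing while the properties file still holds the test values listed above. Treating those values as unfit for production is this example's assumption, and `prop`, `flag_if_equal`, `preflight` and `write_sample` are hypothetical helper names.

```shell
#!/bin/sh
# Added example, not Whydah code; which values count as unsafe is an assumption.
# prop KEY FILE: print the value of KEY from a Java-style properties file.
prop() {
    awk -v k="$1" '
        /^[ \t]*[#!]/ || !index($0, "=") { next }    # comments, non-pairs
        {
            key = substr($0, 1, index($0, "=") - 1)
            val = substr($0, index($0, "=") + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == k) found = val                # last definition wins
        }
        END { print found }' "$2"
}

# flag_if_equal FILE KEY BAD_VALUE REASON: count and report a risky setting.
flag_if_equal() {
    if [ "$(prop "$2" "$1")" = "$3" ]; then
        echo "FAIL $2=$3: $4"
        findings=$((findings + 1))
    fi
}

# preflight FILE: print findings; exit status is their count (0 = OK to start).
preflight() {
    findings=0
    flag_if_equal "$1" prop.type DEV "development profile"
    flag_if_equal "$1" ldap.embedded true "embedded LDAP server in use"
    flag_if_equal "$1" ldap.primary.admin.credentials secret "sample LDAP admin password"
    flag_if_equal "$1" roledb.jdbc.password "" "role database password empty or missing"
    flag_if_equal "$1" securitytokenservice mock "SecurityTokenService is mocked"
    flag_if_equal "$1" import.enabled true "test data import enabled"
    return "$findings"
}

# write_sample FILE: constructed sample input using values from the README.
write_sample() {
    cat > "$1" <<'EOF'
prop.type=DEV
ldap.embedded=true
ldap.primary.admin.credentials=secret
roledb.jdbc.password=
import.enabled=true
securitytokenservice=mock
EOF
}
tmp=$(mktemp) && write_sample "$tmp"
preflight "$tmp" || echo "$? finding(s): refusing to start"
rm -f "$tmp"
```

In start-service.sh the call would sit before the `nohup` line, as `preflight <properties file> || exit 1`, using the path of the properties file the service actually loads.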

Typical apache setup

    <VirtualHost *:80>
            ServerName myserver.net
            ServerAlias myserver
            ProxyRequests Off
            <Proxy *>
                    Order deny,allow
                    Allow from all
            </Proxy>
            ProxyPreserveHost on
            ProxyPass /sso http://localhost:9997/sso
            ProxyPass /uib http://localhost:9995/uib
            ProxyPass /tokenservice http://localhost:9998/tokenservice
            ProxyPass /useradmin http://localhost:9996/useradmin
            ProxyPass /test http://localhost:9990/test/
    </VirtualHost>

Notes

  • Please ensure that you have a large set (10.000-30.000) of available file handles for UIB in large or high-traffic installations.

Developer info

If you are planning on integrating, you might want to run SecurityTokenService in DEV mode. This shortcuts the authentication. You can manually control the UserTokens for the different test users you want by creating a file named t_.token, which consists of the XML representation of the access roles++ you want the specific user to expose to the integrated application.

LICENSE

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
