Latest commit 9f0cf61 Apr 26, 2019
Type Name Latest commit message Commit time
.final_builds Release v72.0 Mar 18, 2019
ci/tasks Fix failing acceptance test Apr 15, 2019
config Revert "UAAC added to `uaa` package" Mar 11, 2019
docs
jobs New BOSH property to use spec-compliant oauth redirect matching Apr 25, 2019
packages Revert "UAAC added to `uaa` package" Mar 11, 2019
releases/uaa Release v72.0 Mar 18, 2019
scripts Improve output of run-locally.sh Apr 22, 2019
spec New BOSH property to use spec-compliant oauth redirect matching Apr 25, 2019
src Bump UAA Apr 26, 2019
templates Breaking change: Remove the `bpm.enabled` bosh property from UAA Apr 15, 2019
.envrc Add uaa-rotator errand Apr 27, 2018
.gitignore Rename uaa.erb to uaa because we don't template anything anymore Apr 15, 2019
.gitmodules Add uaa-rotator errand Apr 27, 2018
Gemfile
Gemfile.lock Update Nokogiri to 1.8.5 Mar 26, 2019
LICENSE Add LICENSE and NOTICE files Jun 20, 2016
NOTICE Update NOTICE Mar 2, 2017
README.md Remove all references to port 8989 Mar 29, 2018
Rakefile Add travis build to uaa-release Jul 8, 2016

README.md

UAA release

See docs taken from bosh-micro-cli circa mid-2015.

Configuring required properties for UAA start-up

The properties below must be generated explicitly for each deployment of UAA release and are required for proper start-up and functioning of UAA. These are standard artifacts which can be generated using openssl. Please refer to the topic below on how to generate a self-signed cert.

SAML Service Provider Configuration

login.saml.serviceProviderCertificate:
  description: "UAA SAML Service provider certificate. This is used for signing outgoing SAML Authentication Requests"

login.saml.serviceProviderKey:
  description: "Private key for the service provider certificate."

JWT Signing Keys (verification key needn't be set as we derive it from the private key)

uaa.jwt.policy.keys:
  description: "Map of key IDs and signing keys, each defined with a property `signingKey`"
  example:
    key-1:
      signingKey

uaa.jwt.policy.active_key_id:
  description: "The ID of the JWT signing key to be used when signing tokens."
  example: "key-1"

Configuring UAA to run on https with SSL

By default UAA is configured to use SSL with a self-signed certificate and will be started on port 8443.

Using your own certificate

Add the following properties to your manifest:

  • uaa.sslCertificate: Specifies your SSL certificate

  • uaa.sslPrivateKey: Specifies your private key. The key must be a passphrase-less key.

Generating a self-signed certificate

  1. Generate your private key with any passphrase

    openssl genrsa -aes256 -out server.key 2048

  2. Remove passphrase from key

    openssl rsa -in server.key -out server.key

  3. Generate certificate signing request for CA

    openssl req -new -sha256 -key server.key -out server.csr

  4. Generate self-signed certificate with 365 days expiry-time

    openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out selfsigned.crt
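
Before putting the results into uaa.sslCertificate and uaa.sslPrivateKey, the pair can be checked locally. The script below is an added example, not part of uaa-release: it confirms the key is passphrase-less as the property requires, that the certificate belongs to the key, that the key is at least 2048 bits, and that the certificate has not expired. The function names are hypothetical, and it assumes openssl is on the PATH and the key is an RSA key in PEM format.

```shell
#!/bin/sh
# Added example, not part of uaa-release. Function names are hypothetical.
# Assumes PEM files and an RSA key, as produced by the steps above.

# Succeeds only if the private key is readable and not passphrase-protected.
# Encrypted PEM keys carry either the PKCS#8 "ENCRYPTED PRIVATE KEY" label
# or the traditional "Proc-Type: 4,ENCRYPTED" header.
key_is_passphrase_less() {
    [ -r "$1" ] || return 2
    ! grep -Eq '^(-----BEGIN ENCRYPTED PRIVATE KEY-----|Proc-Type: 4,ENCRYPTED)' "$1"
}

# Succeeds only if the certificate's public key is the key's public half.
cert_matches_key() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout -passin pass: 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Prints the key size in bits, parsed from "Private-Key: (N bit ...)".
key_bits() {
    openssl pkey -in "$1" -noout -text -passin pass: 2>/dev/null |
        sed -n 's/.*Private-Key: (\([0-9][0-9]*\) bit.*/\1/p'
}

# Runs every check on a certificate/key pair and reports the first failure.
check_uaa_tls_material() {
    cert=$1
    key=$2
    key_is_passphrase_less "$key" ||
        { echo "FAIL: key is passphrase-protected or unreadable"; return 1; }
    cert_matches_key "$cert" "$key" ||
        { echo "FAIL: certificate does not match private key"; return 1; }
    bits=$(key_bits "$key")
    [ "${bits:-0}" -ge 2048 ] ||
        { echo "FAIL: key is ${bits:-unknown} bits, expected >= 2048"; return 1; }
    openssl x509 -in "$cert" -noout -checkend 0 >/dev/null 2>&1 ||
        { echo "FAIL: certificate has expired"; return 1; }
    echo "OK: $cert and $key are consistent and usable"
}

# Usage: check_uaa_tls_material selfsigned.crt server.key
```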

Contributing to uaa-release

General workflow

  1. Fork the repository and make a local clone

  2. Create a feature branch from the development branch

    cd uaa-release
    git checkout develop
    git submodule update
    git checkout -b my_branch
  3. Make changes on your branch

  4. Deploy your version of uaa-release to test the changes

  5. Push to your fork (git push origin my_branch) and submit a pull request selecting develop as the target branch

Deploying to a bosh-lite environment

We have provided a sample manifest for a bosh-lite uaa-release deployment. Make sure you modify the director uuid in the manifest to match yours.

   bosh upload-stemcell https://bosh.io/d/stemcells/bosh-warden-boshlite-ubuntu-trusty-go_agent --skip-if-exists
   bosh create-release
   bosh upload-release
   bosh -n -e vbox -d uaa  deploy \
     templates/uaa-deployment.yml \
     --vars-store creds.yml \
     -v system_domain=uaa-standalone.com

After that, get the IP address and add an entry for the hostname to your /etc/hosts file:

   10.244.0.118    uaa.uaa-standalone.com

You can then access it at:

   https://uaa.uaa-standalone.com:8443/

Java Runtime Environments

Java Runtime Environments are graciously supplied by the Cloud Foundry Java Buildpack Team.

JDK - https://java-buildpack.cloudfoundry.org/openjdk-jdk/trusty/x86_64/index.yml

JRE - https://java-buildpack.cloudfoundry.org/openjdk/trusty/x86_64/index.yml

Mac JDK - https://java-buildpack.cloudfoundry.org/openjdk-jdk/mountainlion/x86_64/index.yml

Mac JRE - https://java-buildpack.cloudfoundry.org/openjdk/mountainlion/x86_64/index.yml

Acknowledgements

  • We'd like to extend a thank you to all our users, contributors and supporters!