-
Notifications
You must be signed in to change notification settings - Fork 0
Configuration
Ranjith Manickam edited this page Aug 7, 2018
·
11 revisions
This section includes topics about configuring the service provider inside application.yml file and the detailed description.
| Property name | Description | ||||
|---|---|---|---|---|---|
| Server configuration | |||||
| server.port | service port number. | ||||
| server.loadBalancerEnv | service provider is running in proxy environment make it to 'true'. default: 'false' |
||||
| SSL certificate configuration | |||||
| ssl.enabled | must be 'true'. | ||||
| ssl.key-store | ssl key store file location. (.jks extension file) | ||||
| ssl.key-alias | ssl key store alias. | ||||
| ssl.key-store-password | ssl key store password. | ||||
| Tenant/Client identifier | |||||
| tenant.identifier |
supported values: DNS, ATTRIBUTE
|
||||
| tenant.identifierParam | attribute tenant identifier parameter. note: https://sp.ranmanic.in?tenant=google. "tenant" is the identifierParam value. |
||||
| Service Provider configuration | |||||
| sp.entityId | service provider entity id. (this will be changed at runtime based on the tenant identifier) | ||||
| sp.nameId | name id formats. (supported values: EMAIL,TRANSIENT,PERSISTENT,UNSPECIFIED) default: EMAIL note: make sure values without blank spaces (EMAIL,TRANSIENT) |
||||
| sp.responseSkew | time difference between SP and IDP response. default: 90 (seconds) |
||||
| Service Provider endpoint | |||||
| sp.url.base | service provider application base url. | ||||
| sp.url.homePage | organization home page url. | ||||
| sp.url.errorPage | organization error page url. default: /error.html |
||||
| sp.url.login | service provider login uri (entry point). example: /sso/signin |
||||
| sp.url.logout | service provider logout uri (exit point). example: /sso/signout |
||||
| sp.url.metadata | service provider metadata uri. example: /sso/exchange/data |
||||
| sp.url.loginFilter | service provider Assertion Consumer Service (ACS) uri. example: /sso/web/signin |
||||
| sp.url.logoutFilter | service provider Single Logout Endpoint. example: /sso/web/signout |
||||
| sp.url.authSuccessRedirection | authentication success redirection uri. example: /auth/token |
||||
| Identity Provider configuration | |||||
| saml.idp.tenantId | tenant 'unique id'. Based on the value tenant is been identified. | ||||
| Identity Provider Metadata | |||||
| saml.idp.metadata.filePath | metadata file location. example: /Users/ranmanic/ping-idp.xml [or] https://sp.ranmanic.in/sso/exchange/data |
||||
| saml.idp.metadata.trust-check | metadata truest check. note: If certificate is expired make it to 'false'. But recommended value is 'true' |
||||
| saml.idp.metadata.type | metadata file resource type. supported values: FILE, URL |
- Service provider deployment instructions.. saml-service-provider/deployment
Ranjith Manickam | www.ranmanic.in @ 2019