Adding ssh-saml

From Data.kit.edu
Jump to: navigation, search

Setup reg-app ssh service

The following is an example of a service (saml-enabled ssh) configuration.

  • At the administrative interface choose "Services" in the "Administration" pane. Click on "Add service" link in the main window.
  • Enter the mandatory values, e.g.
    • Name: "saml-ssh test service"
    • Short Name: "samlssh"
    • Registrierungs Bean: "edu.kit.scc.webreg.service.reg.ldap.LdapRegisterWorkflow2"
  • Save the settings
  • In the main window click on the service name ("saml-ssh test service"). Click the "Edit" at the bottom
  • Set the value of "Veröffentlicht" to "Yes"
  • For each of the following attribute-value pairs (use the values appropriate for your own setup), enter the attribute in the first field of the "New property" line and the value in the second, and click the "Add" link to the right:
    • bind_dn uid=admin,ou=system
    • bind_password secret
    • ldap_group_base ou=groups,ou=ssh,dc=test,dc=kit,dc=edu
    • ldap_user_base ou=users,ou=ssh,dc=test,dc=kit,dc=edu
    • ldap_connect ldap://localhost:10389
    • ldap_base ou=ssh,dc=test,dc=kit,dc=edu
    • connection_security none
  • Enter the short description of the service and save the settings

Optionally, you can add policies to the service. For example:

  • In the "Policy" section, click on "Add policy" link
  • Enter the name of the policy, e.g. "testpolicy". Save the policy
  • Click on the policy name ("testpolicy") in the "Policy" section
  • In the "Agreement text" section click on "Add text" link. Enter the policy element name, e.g. "Policy agreement". Save the element.
  • Click on the added policy element ("Policy agreement") in the "Agreement text" section. In the "Admin role" field enter the text for the agreement, e.g. "This service is used AS IS and without any warranty". Save the text
  • Click "Edit" link in the "Policy" section. Select the "Actual agreement", e.g. "Policy agreement" in the drop-down menu. Save the setting
Personal tools