mirror of
https://github.com/honeymoose/OpenSearch.git
synced 2025-03-05 02:19:25 +00:00
b8733eab00
The change replaces the Vagrant box based fixture with a fixture based on docker compose and 2 docker images, one for an openldap server and one for a Shibboleth SAML Identity Provider. The configuration of both openldap and shibboleth is identical to the previous one, in order to minimize required changes in the tests
65 lines
2.8 KiB
XML
65 lines
2.8 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
xmlns:context="http://www.springframework.org/schema/context"
|
|
xmlns:util="http://www.springframework.org/schema/util"
|
|
xmlns:p="http://www.springframework.org/schema/p"
|
|
xmlns:c="http://www.springframework.org/schema/c"
|
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
|
|
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
|
|
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
|
|
|
|
default-init-method="initialize"
|
|
default-destroy-method="destroy">
|
|
|
|
<!-- ========================= SAML NameID Generation ========================= -->
|
|
|
|
<!--
|
|
These generator lists handle NameID/Nameidentifier generation going forward. By default,
|
|
transient IDs for both SAML versions are enabled. The commented examples are for persistent IDs
|
|
and generating more one-off formats based on resolved attributes. The suggested approach is to
|
|
control their use via release of the underlying source attribute in the filter policy rather
|
|
than here, but you can set a property on any generator called "activationCondition" to limit
|
|
use in the most generic way.
|
|
|
|
Most of the relevant configuration settings are controlled using properties; an exception is
|
|
the generation of arbitrary/custom formats based on attribute information, examples of which
|
|
are shown below.
|
|
|
|
-->
|
|
|
|
<!-- SAML 2 NameID Generation -->
|
|
<util:list id="shibboleth.SAML2NameIDGenerators">
|
|
|
|
<ref bean="shibboleth.SAML2TransientGenerator" />
|
|
|
|
<!-- Uncommenting this bean requires configuration in saml-nameid.properties. -->
|
|
<!--
|
|
<ref bean="shibboleth.SAML2PersistentGenerator" />
|
|
-->
|
|
|
|
<!--
|
|
<bean parent="shibboleth.SAML2AttributeSourcedGenerator"
|
|
p:omitQualifiers="true"
|
|
p:format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
|
|
p:attributeSourceIds="#{ {'mail'} }" />
|
|
-->
|
|
|
|
</util:list>
|
|
|
|
<!-- SAML 1 NameIdentifier Generation -->
|
|
<util:list id="shibboleth.SAML1NameIdentifierGenerators">
|
|
|
|
<ref bean="shibboleth.SAML1TransientGenerator" />
|
|
|
|
<!--
|
|
<bean parent="shibboleth.SAML1AttributeSourcedGenerator"
|
|
p:omitQualifiers="true"
|
|
p:format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
|
|
p:attributeSourceIds="#{ {'mail'} }" />
|
|
-->
|
|
|
|
</util:list>
|
|
|
|
</beans>
|