mirror of
https://github.com/honeymoose/OpenSearch.git
synced 2025-03-02 17:09:18 +00:00
b8733eab00
The change replaces the Vagrant box based fixture with a fixture based on docker compose and 2 docker images, one for an openldap server and one for a Shibboleth SAML Identity Provider. The configuration of both openldap and shibboleth is identical to the previous one, in order to minimize required changes in the tests
123 lines
6.6 KiB
XML
123 lines
6.6 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<beans xmlns="http://www.springframework.org/schema/beans"
|
|
xmlns:context="http://www.springframework.org/schema/context"
|
|
xmlns:util="http://www.springframework.org/schema/util" xmlns:p="http://www.springframework.org/schema/p"
|
|
xmlns:c="http://www.springframework.org/schema/c" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
|
|
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
|
|
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
|
|
|
|
default-init-method="initialize"
|
|
default-destroy-method="destroy">
|
|
|
|
<bean id="shibboleth.DefaultErrorView" class="java.lang.String" c:_0="%{idp.errors.defaultView:error}" />
|
|
|
|
<!-- Map local events to alternate view templates. -->
|
|
<util:map id="shibboleth.EventViewMap">
|
|
<!-- <entry key="EventToChange" value="viewname" /> -->
|
|
</util:map>
|
|
|
|
<!--
|
|
Map of events to trap and handle with local views, without returning to SPs.
|
|
The map values are flags indicating whether to write an audit log record.
|
|
-->
|
|
<util:map id="shibboleth.LocalEventMap">
|
|
<entry key="ContextCheckDenied" value="true" />
|
|
<entry key="ImpersonationViolation" value="true" />
|
|
<entry key="AttributeReleaseRejected" value="true" />
|
|
<entry key="TermsRejected" value="true" />
|
|
<entry key="RuntimeException" value="false" />
|
|
<entry key="InvalidEvent" value="false" />
|
|
<!--
|
|
<entry key="IdentitySwitch" value="false" />
|
|
<entry key="NoPotentialFlow" value="false" />
|
|
-->
|
|
</util:map>
|
|
|
|
<!-- Mappings of error events during requests to SAML status codes and SOAP fault codes. -->
|
|
|
|
<util:map id="shibboleth.SAML1StatusMappings">
|
|
<entry key="InvalidMessageVersion" value-ref="shibboleth.SAML1Status.VersionMismatch" />
|
|
|
|
<entry key="UnableToDecode" value-ref="shibboleth.SAML1Status.Requester" />
|
|
|
|
<entry key="UnableToEncode" value-ref="shibboleth.SAML1Status.Requester" />
|
|
|
|
<entry key="MessageReplay" value-ref="shibboleth.SAML1Status.Requester" />
|
|
<entry key="MessageExpired" value-ref="shibboleth.SAML1Status.Requester" />
|
|
<entry key="MessageAuthenticationError" value-ref="shibboleth.SAML1Status.Requester" />
|
|
|
|
<entry key="RequestUnsupported" value-ref="shibboleth.SAML1Status.Requester" />
|
|
|
|
<entry key="NoPassive" value-ref="shibboleth.SAML1Status.Requester" />
|
|
<entry key="NoPotentialFlow" value-ref="shibboleth.SAML1Status.Requester" />
|
|
<entry key="NoCredentials" value-ref="shibboleth.SAML1Status.Requester" />
|
|
<entry key="InvalidCredentials" value-ref="shibboleth.SAML1Status.Requester" />
|
|
<entry key="AccountError" value-ref="shibboleth.SAML1Status.Requester" />
|
|
<entry key="IdentitySwitch" value-ref="shibboleth.SAML1Status.Requester" />
|
|
<entry key="AuthenticationException" value-ref="shibboleth.SAML1Status.Requester" />
|
|
|
|
<entry key="InvalidSubject" value-ref="shibboleth.SAML1Status.Requester" />
|
|
<entry key="SubjectCanonicalizationError" value-ref="shibboleth.SAML1Status.Requester" />
|
|
</util:map>
|
|
|
|
<util:map id="shibboleth.SAML2StatusMappings">
|
|
<entry key="InvalidMessageVersion" value-ref="shibboleth.SAML2Status.VersionMismatch" />
|
|
|
|
<entry key="UnableToDecode" value-ref="shibboleth.SAML2Status.RequestUnsupported" />
|
|
|
|
<entry key="UnableToEncode" value-ref="shibboleth.SAML2Status.UnsupportedBinding" />
|
|
|
|
<entry key="MessageReplay" value-ref="shibboleth.SAML2Status.RequestDenied" />
|
|
<entry key="MessageExpired" value-ref="shibboleth.SAML2Status.RequestDenied" />
|
|
<entry key="MessageAuthenticationError" value-ref="shibboleth.SAML2Status.RequestDenied" />
|
|
|
|
<entry key="RequestUnsupported" value-ref="shibboleth.SAML2Status.NoAuthnContext" />
|
|
|
|
<entry key="NoPassive" value-ref="shibboleth.SAML2Status.NoPassive" />
|
|
|
|
<entry key="NoPotentialFlow" value-ref="shibboleth.SAML2Status.AuthnFailed" />
|
|
<entry key="NoCredentials" value-ref="shibboleth.SAML2Status.AuthnFailed" />
|
|
<entry key="InvalidCredentials" value-ref="shibboleth.SAML2Status.AuthnFailed" />
|
|
<entry key="AccountError" value-ref="shibboleth.SAML2Status.AuthnFailed" />
|
|
<entry key="IdentitySwitch" value-ref="shibboleth.SAML2Status.AuthnFailed" />
|
|
<entry key="AuthenticationException" value-ref="shibboleth.SAML2Status.AuthnFailed" />
|
|
|
|
<entry key="InvalidSubject" value-ref="shibboleth.SAML2Status.UnknownPrincipal" />
|
|
<entry key="SubjectCanonicalizationError" value-ref="shibboleth.SAML2Status.UnknownPrincipal" />
|
|
<entry key="SessionNotFound" value-ref="shibboleth.SAML2Status.UnknownPrincipal" />
|
|
|
|
<entry key="InvalidNameIDPolicy" value-ref="shibboleth.SAML2Status.InvalidNameIDPolicy" />
|
|
|
|
<entry key="ChannelBindingsError" value-ref="shibboleth.SAML2Status.ChannelBindingsError" />
|
|
</util:map>
|
|
|
|
<util:map id="shibboleth.SOAPFaultCodeMappings">
|
|
<entry key="InvalidMessageVersion" value-ref="shibboleth.SOAP.VersionMismatch" />
|
|
|
|
<entry key="UnableToDecode" value-ref="shibboleth.SOAP.Client" />
|
|
|
|
<entry key="MessageReplay" value-ref="shibboleth.SOAP.Client" />
|
|
<entry key="MessageExpired" value-ref="shibboleth.SOAP.Client" />
|
|
<entry key="MessageAuthenticationError" value-ref="shibboleth.SOAP.Client" />
|
|
|
|
<entry key="RequestUnsupported" value-ref="shibboleth.SOAP.Client" />
|
|
|
|
<entry key="NoPassive" value-ref="shibboleth.SOAP.Client" />
|
|
|
|
<entry key="NoPotentialFlow" value-ref="shibboleth.SOAP.Client" />
|
|
<entry key="NoCredentials" value-ref="shibboleth.SOAP.Client" />
|
|
<entry key="InvalidCredentials" value-ref="shibboleth.SOAP.Client" />
|
|
<entry key="AccountError" value-ref="shibboleth.SOAP.Client" />
|
|
<entry key="AuthenticationException" value-ref="shibboleth.SOAP.Client" />
|
|
|
|
<entry key="InvalidSubject" value-ref="shibboleth.SOAP.Client" />
|
|
<entry key="SubjectCanonicalizationError" value-ref="shibboleth.SOAP.Client" />
|
|
|
|
<entry key="InvalidNameIDPolicy" value-ref="shibboleth.SOAP.Client" />
|
|
|
|
<entry key="ChannelBindingsError" value-ref="shibboleth.SOAP.Client" />
|
|
</util:map>
|
|
|
|
</beans>
|