Commit Graph

6 Commits

Author SHA1 Message Date
Chris Moore 07c4019e33
Add new zip for example SAML configuration files that reflect latest version (#3665)
* Add new zip for example SAML configuration files that reflect latest version

These changes add a new saml-example-custom.zip file containing `customize-docker-compose.yml`, `customize-config.yml`, and `customize-opensearch-dashboards.yml` files for use as the fully functioning SAML example. These changes also include edits to documentation so that steps accord with the new files.

* fix#618 saml example download

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#618 saml example download

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#618 saml example download

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#618 saml example download

Signed-off-by: cwillum <cwmmoore@amazon.com>

* Apply suggestions from code review

Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
2023-07-06 16:59:26 -05:00
Adam Gabryś b52424e67b
Describe SAML supported private key format and encryption algorithm (#1855)
OpenSearch allows signing requests by using a private key in the PKCS#8 format. If a user wants to use an encrypted key, the key must be encrypted with a PKCS#12-compatible algorithm.

The `SAML -> Request signing` documentation is extended with the requirements. It should save time of the customers who use wrong key formats or a good key format, but encrypted with an unsupported algorithm (e.g. PKCS#5 2.0 compatible algorithm).

Signed-off-by: Adam Gabryś <adam.gabrys@live.com>
2023-05-18 12:08:11 -05:00
Chris Moore 2d20f539ec
Fix cookie-splitting setting example for SAML backend documentation (#3949)
* fix#3947 cookie splitting fix

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3947 cookie splitting fix

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-05-03 10:05:29 -07:00
Chris Moore 773559ac75
Add new settings for SAML and OIDC that allow for cookie splitting (#3807)
* fix#3691 cookie spitting

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3691 cookie spitting

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3691 cookie spitting

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3691 cookie spitting

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3691 cookie splitting

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3691 cookie spitting

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-04-24 13:42:44 -07:00
Chris Moore 15d324d30c
Add documentation for jwt_clock_skew_tolerance_seconds setting that resolves authentication errors (#3251)
* fix#3220 auth fail from clock skew

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3220 auth fail from clock skew

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3220 auth fail from clock skew

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3220 auth fail from clock skew

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3220 auth fail from clock skew

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3220 auth fail from clock skew

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-03-28 13:48:18 -07:00
Chris Moore d04e88b496
Reorganize Configuration section of the Security TOC (#2212)
* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* Rename security section. Fix links. Add redirects

Signed-off-by: Naarcha-AWS <naarcha@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
Co-authored-by: Naarcha-AWS <naarcha@amazon.com>
2023-01-27 10:12:47 -08:00