Add doc for confluence
This commit is contained in:
parent
5fe369c828
commit
2f240cc936
|
@ -10,6 +10,7 @@ Applications
|
|||
applications/awx
|
||||
applications/bugzilla
|
||||
applications/bigbluebutton
|
||||
applications/confluence
|
||||
applications/cornerstone
|
||||
applications/discourse
|
||||
applications/django
|
||||
|
@ -94,6 +95,7 @@ Application Configuration
|
|||
.. image:: applications/logo-awx.png :doc:`AWX (Ansible Tower)<applications/awx>` ✔
|
||||
.. image:: applications/bigbluebutton-logo.png :doc:`BigBlueButton<applications/bigbluebutton>` ✔
|
||||
.. image:: applications/bugzilla_logo.png :doc:`Bugzilla<applications/bugzilla>` ✔
|
||||
.. image:: applications/confluence.png :doc:`Confluence<applications/confluence>` ✔ ✔
|
||||
.. image:: applications/csod_logo.png :doc:`Cornerstone<applications/cornerstone>` ✔
|
||||
.. image:: applications/discourse.jpg :doc:`Discourse<applications/discourse>` ✔ ✔
|
||||
.. image:: applications/django_logo.png :doc:`Django<applications/django>` ✔
|
||||
|
|
Binary file not shown.
After Width: | Height: | Size: 6.2 KiB |
|
@ -0,0 +1,65 @@
|
|||
Confluence
|
||||
==========
|
||||
|
||||
Presentation
|
||||
------------
|
||||
|
||||
Confluence is a web-based corporate wiki developed by Atlassian.
|
||||
|
||||
It is compatible with SAML and OpenID Connect. This tutorial will focus on SAML.
|
||||
|
||||
Configuration
|
||||
-------------
|
||||
|
||||
You must first configure LemonLDAP::NG as a :doc:`SAML Identity Provider<../idpsaml>`.
|
||||
|
||||
Configure SAML in Confluence
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
In the SSO configuration page, choose SAML as the authentication method. And set the following parameters.
|
||||
|
||||
Don't forget to replace ``auth.example.com`` with your actual domain.
|
||||
|
||||
* Single sign on issuer: ``https://auth.example.com/saml/metadata``
|
||||
* Identity provider single sign on URL: ``https://auth.example.com/saml/singleSignOn``
|
||||
* X.509 certificate: You can find this certificate in the manager: SAML2 Service » Security » Signature » Public key
|
||||
* Username mapping attribute: ``${uid}``
|
||||
|
||||
.. danger:: Make sure the certificate you copy into Confluence starts with BEGIN CERTIFICATE and not with BEGIN PRIVATE KEY
|
||||
|
||||
Write down the *Assertion Consumer Service URL* and the *Audience URL*, that Confluence is showing you, you will need it to configure LemonLDAP::NG
|
||||
|
||||
Configure LemonLDAP::NG
|
||||
~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
In the LemonLDAP::NG Manager, create a new *SAML Service Provider*
|
||||
|
||||
In *Metadata*, copy the following XML document, and don't forget to change ``AUDIENCE_URL`` and ``CONSUMER_SERVICE_URL`` the URLs with the values given by Confluence.
|
||||
|
||||
::
|
||||
|
||||
<?xml version="1.0"?>
|
||||
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
|
||||
entityID="AUDIENCE_URL">
|
||||
<md:SPSSODescriptor
|
||||
AuthnRequestsSigned="false"
|
||||
WantAssertionsSigned="false"
|
||||
protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
|
||||
<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
|
||||
<md:AssertionConsumerService
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
|
||||
Location="CONSUMER_SERVICE_URL"
|
||||
index="1"/>
|
||||
</md:SPSSODescriptor>
|
||||
</md:EntityDescriptor>
|
||||
|
||||
In *Exported Attributes*, add a new attribute:
|
||||
|
||||
* Variable name: the session variable containing user logins
|
||||
* Attribute name: ``uid``
|
||||
* Mandatory: ``On``
|
||||
|
||||
Finally, in *Options* » *Signature*, set
|
||||
|
||||
* Check SSO message signature: Off
|
||||
* Check SLO message signature: Off
|
Loading…
Reference in New Issue