Odoo integration doc
This commit is contained in:
parent
dfbdd7015a
commit
dfe080fae1
|
@ -35,6 +35,7 @@ Applications
|
|||
applications/mobilizon
|
||||
applications/nextcloud
|
||||
applications/obm
|
||||
applications/odoo
|
||||
applications/office365
|
||||
applications/publik
|
||||
applications/phpldapadmin
|
||||
|
@ -118,6 +119,7 @@ Application Configuration
|
|||
.. image:: applications/mobilizon_logo.jpg :doc:`Mobilizon<applications/mobilizon>` ✔
|
||||
.. image:: applications/nextcloud-logo.png :doc:`NextCloud<applications/nextcloud>` ✔
|
||||
.. image:: applications/obm_logo.png :doc:`OBM<applications/obm>` ✔
|
||||
.. image:: applications/odoo_logo.png :doc:`Odoo<applications/odoo>` ✔
|
||||
.. image:: applications/logo_office_365.png :doc:`Office 365<applications/office365>` ✔
|
||||
.. image:: applications/logo-publik.png :doc:`Publik<applications/publik>` ✔
|
||||
.. image:: applications/phpldapadmin_logo.png :doc:`phpLDAPAdmin<applications/phpldapadmin>` ✔
|
||||
|
|
88
doc/sources/admin/applications/odoo.rst
Normal file
88
doc/sources/admin/applications/odoo.rst
Normal file
|
@ -0,0 +1,88 @@
|
|||
Odoo
|
||||
====
|
||||
|
||||
|image0|
|
||||
|
||||
Presentation
|
||||
------------
|
||||
|
||||
Odoo is a suite of business management software tools including, for example, CRM, e-commerce, billing, accounting, manufacturing, warehouse, project management, and inventory management.
|
||||
|
||||
Requirements
|
||||
------------
|
||||
|
||||
This guide explains how to authenticate your Odoo users using LemonLDAP::NG 's SAML provider.
|
||||
|
||||
Make sure you have :doc:`set up LemonLDAP::NG a SAML IDP <../samlservice>`
|
||||
|
||||
.. warning::
|
||||
Odoo requires your public SAML Signature key to be in `BEGIN CERTIFICATE`
|
||||
format, if this is not the case, you need to :ref:`convert your SAML key to
|
||||
a certificate<samlservice-convert-certificate>`)
|
||||
|
||||
.. warning::
|
||||
Odoo requires LemonLDAP::NG 2.0.14 in order to handle RelayState correctly
|
||||
|
||||
Configuring Odoo
|
||||
----------------
|
||||
|
||||
Pre-requisites
|
||||
~~~~~~~~~~~~~~
|
||||
|
||||
On the Odoo side, you need to install the ``auth_saml`` module from OCA:
|
||||
|
||||
* https://github.com/OCA/server-auth/tree/14.0/auth_saml
|
||||
* https://odoo-community.org/shop/product/saml2-authentication-3211
|
||||
|
||||
This module requires the ``pysaml2`` and ``xmlsec1`` python dependencies.
|
||||
|
||||
Configuration
|
||||
~~~~~~~~~~~~~
|
||||
|
||||
After installing the module, you will see two new menus in the Odoo admin:
|
||||
|
||||
|
||||
* Settings » Users & Companies » SAML Providers
|
||||
* And a new *SAML* tab in Settings » Users & Companies » Users
|
||||
|
||||
|
||||
Creating a new SAML Provider
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
Create a new SAML provider in Settings » Users & Companies » SAML Providers
|
||||
|
||||
* Choose a name
|
||||
* Copy the metadata from https://auth.example.com/saml/metadata/idp in the *Identity Provider Metadata* field
|
||||
* Import a certificate and a private key in the *Odoo Public Certificate* and *Odoo Private Key* fields
|
||||
|
||||
To generate a key/certificate pair, you can run the following command::
|
||||
|
||||
openssl req -x509 -newkey rsa:4096 -keyout odoo-key.pem -out odoo-cert.pem -sha256 -days 3650 -nodes
|
||||
|
||||
* Select a signature method in the *Signature Algorithm*, such as *SIG_RSA_SHA256*
|
||||
* If you do not want to use the email address to match between LLNG and Odoo accounts, set the *Identity Provider matching attribute* to a different value
|
||||
* All other fields may be left to default values
|
||||
|
||||
Configuring users
|
||||
~~~~~~~~~~~~~~~~~
|
||||
|
||||
For each user you want to enable SAML on, you need to edit them in Settings » Users & Companies » Users
|
||||
|
||||
In the *SAML* tab, set the SAML provider you just created, and their email address as the identifier.
|
||||
|
||||
Configuring LemonLDAP
|
||||
---------------------
|
||||
|
||||
Add a new :ref:`new SAML Service Provider to the LemonLDAP::NG configuration<samlidp-register-sp>`
|
||||
with the following parameters:
|
||||
|
||||
* **Metadata**
|
||||
* Copy the Metadata found at the URL referenced in Odoo's Settings » Users & Companies » SAML Providers menu » Your provider » Metadata URL
|
||||
* **Exported Attributes**
|
||||
* Declare the attribute that you set in Odoo's *Identity Provider matching attribute*
|
||||
* If you are using the email, you don't need to declare anything
|
||||
|
||||
|
||||
.. |image0| image:: /applications/odoo_logo.png
|
||||
:class: align-center
|
||||
|
BIN
doc/sources/admin/applications/odoo_logo.png
Normal file
BIN
doc/sources/admin/applications/odoo_logo.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 3.2 KiB |
|
@ -58,6 +58,8 @@ IDP related metadata.
|
|||
In both cases, the entityID of the LemonLDAP::NG server is
|
||||
http://auth.example.com/saml/metadata
|
||||
|
||||
.. _samlidp-register-sp:
|
||||
|
||||
Register partner Service Provider on LemonLDAP::NG
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
|
|
|
@ -153,6 +153,9 @@ To define keys, you can:
|
|||
If you are running a version under 2.0.10, the choice of a signature
|
||||
algorithm will affect all SP and IDP.
|
||||
|
||||
|
||||
.. _samlservice-convert-certificate:
|
||||
|
||||
Converting a RSA public key to a certificate
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user