...

Figure: InAcademia schematic for dev (source diagram: InAcademiaSchematic for dev.ditaa)

(1)

...

Relying Party

An OIDC relying party that mimics the role of the merchant website asking for the validation.

For this we use a vanilla Apache server together with Apache's OIDC authentication module (mod_auth_openidc).
The setup is based on the client setup as described for InAcademia here: https://github.com/InAcademia/Client-docs/blob/master/Apache2%2Bmod_auth_oidc.md

...

As we do not need real identities from users for development, we use a mock IdP which can be set up from these Ansible scripts: https://github.com/surfnet-niels/simplesaml-idp

Detailed information on deploying and running this IdP in docker can be found

(3) InAcademia Core SVS

The core of the InAcademia service is provided by SATOSA, which we have extended with the SVS functionality.

SaToSa can be found here: https://github.com/IdentityPython/SATOSA

SVS is here: https://github.com/InAcademiainacademia-development/svs

Pound is used to proxy SATOSA to the outside world; it also takes care of HTTPS (TLS) offloading.

...

A start/stop shell script starts the Docker container and dynamically injects configuration such as mount points and network settings.

An example is provided below for the IdentityProvider component, based on SimpleSAMLphp.

Code Block
ssp-idp
   - config/
     - ansible
       - idp.yml
       - inventory
     - metadata/
       - saml20-idp-hosted.php
       - saml20-idp-remote.php
       - saml20-sp-remote.php
   - Dockerfile
   - build_ssp-idp.sh
   - run_ssp-idp.sh

The Dockerfile is completely self-contained: it builds the IdP from the config directory, pulling the relevant repositories if needed.

Code Block
# Base image; Apache's HTTPS vhost listens on 443 inside the container
FROM ubuntu:16.04

EXPOSE 443

# Tooling needed to fetch the playbook and run Ansible during the build
RUN apt -y update && apt -y full-upgrade && apt -y autoremove && apt install -y sudo dnsutils git software-properties-common
RUN apt-add-repository -y ppa:ansible/ansible && apt install -y ansible

# Pull the SimpleSAMLphp IdP playbook and drop in our inventory and IdP variables
RUN git clone https://github.com/surfnet-niels/simplesaml-idp.git /tmp/ansible/simplesaml-idp
COPY config/ansible/inventory /tmp/ansible/simplesaml-idp/
COPY config/ansible/idp.yml /tmp/ansible/simplesaml-idp/group_vars/

# Run the playbook against the container itself
RUN ansible-playbook -i /tmp/ansible/simplesaml-idp/inventory /tmp/ansible/simplesaml-idp/simplesaml-idp.yml

# Our SAML metadata (hosted IdP, remote IdPs, remote SPs) overrides what the playbook installed
COPY config/metadata /var/www/simplesamlphp/metadata

# Start Apache and drop into a shell; the container lives only as long as this shell, so run it interactively
ENTRYPOINT service apache2 start && /bin/bash

Now run the run script (run_ssp-idp.sh) to build and run our Docker-based IdP.
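The following is an added illustration of a start/stop wrapper of the kind described above; it is not the project's own run_ssp-idp.sh. The image tag, container and network names and the host port are assumptions that can be overridden through the environment.

```shell
#!/bin/sh
# Added example (not the project's own run_ssp-idp.sh): a start/stop wrapper
# that builds the image from the Dockerfile above and injects the mount points
# and network settings at run time. Image tag, container/network names and the
# host port are assumptions and can be overridden through the environment.
set -eu

IMAGE="${SSP_IDP_IMAGE:-ssp-idp:dev}"          # assumed image tag
NAME="${SSP_IDP_NAME:-ssp-idp}"                # assumed container name
NET="${SSP_IDP_NETWORK:-inacademia-dev}"       # assumed user-defined bridge network
PORT="${SSP_IDP_PORT:-8443}"                   # host port mapped to the container's 443
CONFIG_DIR="${SSP_IDP_CONFIG:-$(pwd)/config}"  # the config/ tree shown above
DRY_RUN="${DRY_RUN:-0}"                        # 1: print the docker run arguments only

do_build() { docker build -t "$IMAGE" .; }

do_start() {
  # Refuse to start without the metadata tree: an IdP with no remote SP
  # metadata fails in confusing ways once a client tries to authenticate.
  [ -d "$CONFIG_DIR/metadata" ] || { echo "missing $CONFIG_DIR/metadata" >&2; return 1; }
  # Injected settings:
  #  - metadata is bind-mounted read-only, so the running IdP cannot rewrite
  #    the SP/IdP trust anchors it relies on (the Dockerfile also copies them in);
  #  - port 443 is published on 127.0.0.1 only: this is a dev IdP with test users;
  #  - the ENTRYPOINT above starts Apache and drops into a shell, so the
  #    container runs in the foreground (-it) and is removed on exit (--rm).
  set -- --name "$NAME" --network "$NET" --rm -it \
    --publish "127.0.0.1:$PORT:443" \
    --mount "type=bind,src=$CONFIG_DIR/metadata,dst=/var/www/simplesamlphp/metadata,readonly" \
    "$IMAGE"
  if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$@"; return 0; fi
  docker network inspect "$NET" >/dev/null 2>&1 || docker network create "$NET"
  docker run "$@"
}

do_stop() { docker stop "$NAME"; }

case "${1:-}" in
  build) do_build ;;
  start) do_build && do_start ;;
  stop)  do_stop ;;
  "")    ;;   # no verb: only define the functions (e.g. when sourced)
  *)     echo "usage: $0 {build|start|stop}" >&2; exit 2 ;;
esac
```

Run `DRY_RUN=1 ./run_ssp-idp.sh start` to see exactly which mounts and network settings would be injected before starting the container for real.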

...

For the components we have detailed pages describing the setup: