github.com/haalcala/mattermost-server-change-repo@v0.0.0-20210713015153-16753fbeee5f/build/docker/keycloak/README.md

github.com/haalcala/mattermost-server-change-repo@v0.0.0-20210713015153-16753fbeee5f/build/docker/keycloak/README.md (about)

     1  To use this keycloak image, we suggest you to use this configuration settings:
     2  
     3  - Enable Login With SAML 2.0: `true`
     4  - Enable Synchronizing SAML Accounts With AD/LDAP: `true`
     5  - Override SAML bind data with AD/LDAP information: `false`
     6  - Identity Provider Metadata URL: empty string
     7  - SAML SSO URL: `http://localhost:8484/auth/realms/mattermost/protocol/saml`
     8  - Identity Provider Issuer URL: h`ttp://localhost:8065/login/sso/SAML`
     9  - Identity Provider Public Certificate: The file `keycloak_cert.pem` in this same directory
    10  - Verify Signature: `true`
    11  - Service Provider Login URL: `http://localhost:8065/login/sso/saml`
    12  - Enable Encryption: `false`
    13  - Sign Request: `false`
    14  - Email Attribute: `email`
    15  - Username Attribute: `username`
    16  - Id Attribute: `id`
    17  - First Name Attribute: `firstName`
    18  - Last Name Attribute: `lastName`
    19  
    20  or overwrite your SamleSettings section with this settings in your config.json file (if you are not using
    21  database configuration) and restart the server:
    22  
    23  ```json
    24      "SamlSettings": {
    25          "Enable": true,
    26          "EnableSyncWithLdap": true,
    27          "EnableSyncWithLdapIncludeAuth": false,
    28          "Verify": true,
    29          "Encrypt": false,
    30          "SignRequest": false,
    31          "IdpUrl": "http://localhost:8484/auth/realms/mattermost/protocol/saml",
    32          "IdpDescriptorUrl": "http://localhost:8065/login/sso/saml",
    33          "IdpMetadataUrl": "",
    34          "AssertionConsumerServiceURL": "http://localhost:8065/login/sso/saml",
    35          "SignatureAlgorithm": "RSAwithSHA1",
    36          "CanonicalAlgorithm": "Canonical1.0",
    37          "ScopingIDPProviderId": "",
    38          "ScopingIDPName": "",
    39          "IdpCertificateFile": "saml-idp.crt",
    40          "PublicCertificateFile": "",
    41          "PrivateKeyFile": "",
    42          "IdAttribute": "id",
    43          "GuestAttribute": "",
    44          "EnableAdminAttribute": false,
    45          "AdminAttribute": "",
    46          "FirstNameAttribute": "firstName",
    47          "LastNameAttribute": "lastName",
    48          "EmailAttribute": "email",
    49          "UsernameAttribute": "username",
    50          "NicknameAttribute": "",
    51          "LocaleAttribute": "",
    52          "PositionAttribute": "",
    53          "LoginButtonText": "SAML",
    54          "LoginButtonColor": "#34a28b",
    55          "LoginButtonBorderColor": "#2389D7",
    56          "LoginButtonTextColor": "#ffffff"
    57      },
    58  ```