github.com/masterhung0112/hk_server/v5@v5.0.0-20220302090640-ec71aef15e1c/build/docker/keycloak/README.md

github.com/masterhung0112/hk_server/v5@v5.0.0-20220302090640-ec71aef15e1c/build/docker/keycloak/README.md (about)

     1  To use this keycloak image, we suggest you to use this configuration settings:
     2  
     3  - Enable Login With SAML 2.0: `true`
     4  - Enable Synchronizing SAML Accounts With AD/LDAP: `true`
     5  - Override SAML bind data with AD/LDAP information: `false`
     6  - Identity Provider Metadata URL: empty string
     7  - SAML SSO URL: `http://localhost:8484/auth/realms/mattermost/protocol/saml`
     8  - Identity Provider Issuer URL: `http://localhost:9065/login/sso/SAML`
     9  - Identity Provider Public Certificate: The file `keycloak_cert.pem` in this same directory
    10  - Verify Signature: `true`
    11  - Service Provider Login URL: `http://localhost:9065/login/sso/saml`
    12  - Enable Encryption: `false`
    13  - Sign Request: `false`
    14  - Email Attribute: `email`
    15  - Username Attribute: `username`
    16  - Id Attribute: `id`
    17  - First Name Attribute: `firstName`
    18  - Last Name Attribute: `lastName`
    19  
    20  or overwrite your SamleSettings section with this settings in your config.json file (if you are not using
    21  database configuration) and restart the server:
    22  
    23  ```json
    24      "SamlSettings": {
    25          "Enable": true,
    26          "EnableSyncWithLdap": true,
    27          "EnableSyncWithLdapIncludeAuth": false,
    28          "Verify": true,
    29          "Encrypt": false,
    30          "SignRequest": false,
    31          "IdpUrl": "http://localhost:8484/auth/realms/mattermost/protocol/saml",
    32          "IdpDescriptorUrl": "http://localhost:9065/login/sso/saml",
    33          "IdpMetadataUrl": "",
    34          "ServiceProviderIdentifier": "http://localhost:9065/login/sso/saml",
    35          "AssertionConsumerServiceURL": "http://localhost:9065/login/sso/saml",
    36          "SignatureAlgorithm": "RSAwithSHA1",
    37          "CanonicalAlgorithm": "Canonical1.0",
    38          "ScopingIDPProviderId": "",
    39          "ScopingIDPName": "",
    40          "IdpCertificateFile": "saml-idp.crt",
    41          "PublicCertificateFile": "",
    42          "PrivateKeyFile": "",
    43          "IdAttribute": "id",
    44          "GuestAttribute": "",
    45          "EnableAdminAttribute": false,
    46          "AdminAttribute": "",
    47          "FirstNameAttribute": "firstName",
    48          "LastNameAttribute": "lastName",
    49          "EmailAttribute": "email",
    50          "UsernameAttribute": "username",
    51          "NicknameAttribute": "",
    52          "LocaleAttribute": "",
    53          "PositionAttribute": "",
    54          "LoginButtonText": "SAML",
    55          "LoginButtonColor": "#34a28b",
    56          "LoginButtonBorderColor": "#2389D7",
    57          "LoginButtonTextColor": "#ffffff"
    58      },
    59  ```