Hi Wei,
   Did you test the SAML2 app? There is an experimental saml2 app in web2py_2.9.6.

   I need to use saml2 (web2py app) as a service provider with onelogin (which is the idp).

I am getting an error (screenshot is attached, PFA).

Here are my config settings:
1) *private/sp_conf.py*

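# Imports for the names used below (pysaml2); not shown in the original post
from saml2 import BINDING_HTTP_REDIRECT
from saml2.entity_category.edugain import COC
from saml2.saml import NAME_FORMAT_URI
from saml2.sigver import get_xmlsec_binary

# Location of the xmlsec1 binary (assumed lookup; the post does not show how it was set)
xmlsec_path = get_xmlsec_binary()

# Make sure the same port number appears in service_conf.py
BASE = "http://localhost:8000"
APPNAME = "saml2"
PATH = "/home/prasad/Prasad/web2py_2.9.6_beta/applications/saml2/private/"
CONFIG = {
    "entityid": "%s/saml2/static/sp.xml" % BASE,
    "entity_category": [COC],
    "accepted_time_diff": 5,  # very important
    "description": "Example SP",
    "service": {
        "sp": {
            "endpoints": {
                # URL and binding on which the SP receives the IdP's response
                "assertion_consumer_service": [
                    ("%s/%s/default/user/login" % (BASE, APPNAME), BINDING_HTTP_REDIRECT),
                ],
            },
        },
    },
    "key_file": "%s/pki/mykey.pem" % PATH,
    "cert_file": "%s/pki/mycert.pem" % PATH,
    "xmlsec_binary": xmlsec_path,
    "metadata": {"local": [PATH + "idp.xml"]},
    "name_form": NAME_FORMAT_URI,
}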
 
Here I've copied the *assertion_consumer_service url* (http://localhost:8000/saml2/default/login) into the onelogin app's SAML consumer URL.

2) I've downloaded a metadata file from the onelogin app and copied it to *saml/private/*

3) Created a *static/sp.xml* file as
   make_metadata.py sp_conf > ../static/sp.xml

4) Ran the web2py server *(python webpy.py)*

5) Selected the SAML2 app through the administrator interface.

6) Clicked on the login tab, and
   it is redirecting to the onelogin app's login window.

7) Entered username and password in the onelogin app.
It is redirecting me to http://localhost:8000/saml2/default/login (which is an assertion consumer URL)

and I am getting an internal error.

<type 'exceptions.AttributeError'> 'dict' object has no attribute 'assertion'

Let me know if there are wrong settings in my app.

Could you share your app settings (including web2py app and idp settings)?


On Thursday, August 21, 2014 7:35:29 PM UTC+5:30, Wei Wang wrote:
>
> I have the need to use a SAML2 identity provider (specifically, a NetIQ 
> product) for authentication and authorization in some web2py apps.
>
> I searched in this group, also googled "web2py and SAML", but did not find 
> anything that seems readily available.
>
> My thoughts on building a "Service Provider" (in SAML2 terminology) app in 
> web2py alongside other apps:
>
>    - The SAML2 service provider would be "/saml2sp":
>       - The saml2sp app communicates to the SAML2 Id provider for 
>       authentication and authorization;
>       - A web2py app is configured to use "cas_auth", with 
>    "localhost/saml2sp" as the CAS server base URL;
>
> Does something like this exist? Does that sound reasonable?
>
> Thanks for any pointers, comments, thoughts.
>
> Wei
>
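
A pre-flight check for the kind of SP settings described in the message above, added here as an example (not part of the original post, web2py, or pysaml2). It compares the `assertion_consumer_service` endpoints in an SP config with the consumer URL registered at the IdP and flags bindings and schemes that commonly break or weaken the login round trip. `check_acs`, `SAMPLE_CONFIG` and `IDP_ACS_URL` are hypothetical names, and the sample values are constructed from the ones quoted in the post.

```python
from urllib.parse import urlsplit

# SAML 2.0 binding URNs (the same strings pysaml2 exports as BINDING_HTTP_*).
BINDING_HTTP_REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
BINDING_HTTP_POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"

def _norm(url):
    """Normalise a URL for comparison: lower-case scheme/host, drop trailing slash."""
    p = urlsplit(url.strip())
    return (p.scheme.lower(), p.netloc.lower(), p.path.rstrip("/"))

def check_acs(config, idp_acs_url):
    """Return findings about the SP's assertion consumer service (ACS)
    endpoints versus the ACS URL registered at the IdP."""
    findings = []
    endpoints = config["service"]["sp"]["endpoints"]["assertion_consumer_service"]
    # The IdP sends the response to the URL it has on file, not to the SP's list.
    if _norm(idp_acs_url) not in {_norm(url) for url, _ in endpoints}:
        findings.append("IdP ACS URL %s is not among the SP endpoints: %s"
                        % (idp_acs_url, [url for url, _ in endpoints]))
    for url, binding in endpoints:
        # Web Browser SSO profile: <Response> travels via HTTP-POST or Artifact.
        if binding == BINDING_HTTP_REDIRECT:
            findings.append("%s uses HTTP-Redirect; the Web Browser SSO profile "
                            "delivers the <Response> via HTTP-POST or Artifact" % url)
        parts = urlsplit(url)
        # Plain HTTP is tolerated only for local development hosts.
        if parts.scheme != "https" and parts.hostname not in ("localhost", "127.0.0.1"):
            findings.append("%s is not HTTPS; assertions would cross the network "
                            "in clear text" % url)
    return findings

# Constructed sample mirroring the values quoted in the post.
BASE, APPNAME = "http://localhost:8000", "saml2"
SAMPLE_CONFIG = {"service": {"sp": {"endpoints": {"assertion_consumer_service": [
    ("%s/%s/default/user/login" % (BASE, APPNAME), BINDING_HTTP_REDIRECT)]}}}}
IDP_ACS_URL = "http://localhost:8000/saml2/default/login"  # as entered at the IdP

if __name__ == "__main__":
    for finding in check_acs(SAMPLE_CONFIG, IDP_ACS_URL):
        print("WARN:", finding)
```
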
