Public Repository

Last pushed: 4 months ago
Short Description
Short description is empty for this repo.
Full Description


Base Repository:

This repository provides a docker image for SimplesamlPHP, backed by apache httpd, with added configurability through env variables, defaults and a theme for the cyclone project. It acts as a Samlbridge, serving as an Identity Provider (IDP) to one side, in our case Keycloak, and a Service Provider (SP) to a SAML Federation. It is configured to periodically (prompted by a separate cron container) refresh metadata from the SAML Federation and import IDP Metadata ONLY (through symlinking).

Furthermore, it filters received attributes and requires (using the SmartID module) at least one of the following from which the SmartID module chooses one as the identifying attribute (in the given order):

  • eduPersonUniqueID
  • eduPersonTargetedID
  • eduPersonPrincipalName
  • mail

The eduPersonTargetedID is further converted into a string for consumption by Keycloak.

How to use

Use image directly

You can use this image directly. There is a number of configuration options through env variables.

# Base entrypoint for calls to the individual components
# i.e. this is where the reverse proxy listens and which we expect
# the baseurl of the components to be, e.g.
# $FP_BASEURL/auth = Keycloak
# $FP_BASEURL/samlbridge = SimpleSamlPHP

# Shared Secret between the samlbridge and cron container
# Used by cron to prompt samlbridge to update idp metadata

# Samlbridge admin user password

# Samlbridge secret salt used to generate secure hashes

# Samlbridge technical contact information

# URL of the organization responsible for the samlbridge

# Displayed name of the organization responsible for the samlbridge

# Name of the organization responsible for the samlbridge
# Does not need to be suitable to display to end users

# Identifier of the authority that has registered this samlbridge

# Instant when this samlbridge was registered (e.g. 2015-01-01T08:00:00Z)

For more flexibility either overwrite configuration by providing your own files and mounting them into the container or extending the image.

Run example:

docker run -e SAMLBRIDGE_PASSWORD=admin -p 80:80 cycloneproject/samlbridge-base

For most deployments it is easier to use docker-compose with an accompanying .env file for configuration. See the base repository for examples.

Extend it

Extend from this image by using in your Dockerfile:

FROM cycloneproject/keycloak-postgres-base
Docker Pull Command