
...

Code Block
abiquo.auth.module = saml

#SAML
abiquo.saml.mode = multi
abiquo.login.samesite = strict

# Mandatory property to control the maximum time in seconds that users can use
# SAML single sign-on after their initial authentication with the IDP.
# The default represents 24 days.
abiquo.saml.authentication.maxage = 2073600
abiquo.saml.redirect.endpoint = https://{$ENV_FQDN}/ui
abiquo.saml.redirect.error.endpoint = https://{$ENV_FQDN}/ui/?error

abiquo.saml.keys.keystore.path = /opt/abiquo/config/saml/keystore.jks
abiquo.saml.keys.keystore.password = changeit
abiquo.saml.keys.signing.alias = Test
abiquo.saml.keys.signing.password = changeit
abiquo.saml.keys.encryption.alias = Test
abiquo.saml.keys.encryption.password = changeit
abiquo.saml.keys.metadata.sign = false

abiquo.saml.binding = urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
abiquo.saml.metadata.mode = generated

# entityID from step 11.
abiquo.saml.metadata.identityprovider.default.id = http://www.okta.com/xxxxXXXxxx

# For >1 IDPs, add commas between XML paths
abiquo.saml.metadata.identityprovider.path = /opt/abiquo/config/saml/idp_metadata.xml

# For >1 IDPs, add commas between pairs of values
# your application metadata link from step 10.
abiquo.saml.metadata.identityprovider.userdomain.map = https://deldev-XXXXXXXXX.okta.com/app/xxxXXXxxx/sso/saml/metadata

abiquo.saml.attributes.role.claim = abq-role
abiquo.saml.attributes.enterprise.claims = abq-enterprise
abiquo.saml.attributes.user.id.claim = givenname
abiquo.saml.attributes.user.firstname.claim = name
abiquo.saml.attributes.user.lastname.claim = surname
abiquo.saml.attributes.user.email.claim = emailaddress
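Review bot: The three `abiquo.saml.keys.*.password` lines are set to `changeit` and both key aliases are `Test`, and nothing in the block marks these as sample values, so a reader who copies it unchanged ends up with the SAML signing and encryption keys behind a widely known default password. I would add a comment above the keystore group, for example `# Sample values: use your own keystore, aliases and passwords, and limit read access to this file and the keystore to the account that runs the Abiquo server`. The comment on `abiquo.saml.authentication.maxage` could also state that 2073600 seconds is how old an IdP authentication may be and still be accepted, so sites with a shorter session policy should lower it. `abiquo.saml.keys.metadata.sign = false` appears to leave the generated metadata unsigned, which is presumably acceptable only when the metadata reaches the IdP over a trusted channel; a one-line note saying so would help.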

...