Cleanup mod_auth_mellon from the testsuite
closes #30869 Signed-off-by: mposolda <mposolda@gmail.com>
This commit is contained in:
mposolda
Marek Posolda
parent
a1445cd93f
commit
f1b8a983d2
25 changed files with 0 additions and 1815 deletions
|
|
@ -1,19 +0,0 @@
|
|||
# Mod_auth_mellon test
|
||||
|
||||
## Docker images
|
||||
|
||||
Each docker image contains apache + mod_auth_mellon and two html files unprotected (/) and protected (/auth).
|
||||
|
||||
## Build docker images
|
||||
|
||||
docker build -t apache-mellon docker/
|
||||
docker build -t apache-mellon2 docker2/
|
||||
|
||||
## Run docker image
|
||||
|
||||
docker run -d -p 8380:80 apache-mellon
|
||||
docker run -d -p 8480:80 apache-mellon2
|
||||
|
||||
## Run tests
|
||||
|
||||
mvn clean install [-Dapache.mod_auth_mellon.url=http://localhost:8380 -Dapache.mod_auth_mellon2.url=http://localhost:8480]
|
||||
|
|
@ -1,17 +0,0 @@
|
|||
FROM ubuntu
|
||||
|
||||
RUN apt-get update && apt-get install -y apache2 && apt-get install -y libapache2-mod-auth-mellon
|
||||
|
||||
RUN mkdir /etc/apache2/mellon
|
||||
|
||||
COPY mellon/* /etc/apache2/mellon/
|
||||
|
||||
COPY auth_mellon.conf /etc/apache2/mods-enabled/
|
||||
|
||||
COPY www/* /var/www/html/
|
||||
|
||||
RUN mkdir /var/www/html/auth
|
||||
|
||||
COPY www/auth/* /var/www/html/auth/
|
||||
|
||||
CMD /usr/sbin/apache2ctl -D FOREGROUND
|
||||
|
|
@ -1,29 +0,0 @@
|
|||
MellonCacheSize 100
|
||||
MellonLockFile "/run/mod_auth_mellon/lock"
|
||||
|
||||
# This is a server-wide configuration that will add information from the Mellon session to all requests.
|
||||
<Location />
|
||||
# Add information from the mod_auth_mellon session to the request.
|
||||
MellonEnable "info"
|
||||
|
||||
# Configure the SP metadata
|
||||
# This should be the files which were created when creating SP metadata.
|
||||
MellonSPPrivateKeyFile /etc/apache2/mellon/http_localhost_auth.key
|
||||
|
||||
MellonSPCertFile /etc/apache2/mellon/http_localhost_auth.cert
|
||||
MellonSPMetadataFile /etc/apache2/mellon/http_localhost_auth.xml
|
||||
|
||||
# IdP metadata. This should be the metadata file you got from the IdP.
|
||||
MellonIdPMetadataFile /etc/apache2/mellon/idp-metadata.xml
|
||||
|
||||
# The location all endpoints should be located under.
|
||||
# It is the URL to this location that is used as the second parameter to the metadata generation script.
|
||||
# This path is relative to the root of the web server.
|
||||
MellonEndpointPath /mellon
|
||||
|
||||
MellonSessionLength 2
|
||||
</Location>
|
||||
|
||||
<Location /auth>
|
||||
MellonEnable "auth"
|
||||
</Location>
|
||||
|
|
@ -1,17 +0,0 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIICrjCCAZYCCQDmdnUguf+VxTANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDDA5s
|
||||
b2NhbGhvc3Q6ODM4MDAeFw0xNjAxMTkxMTUwMDdaFw0yNjAxMTgxMTUwMDdaMBkx
|
||||
FzAVBgNVBAMMDmxvY2FsaG9zdDo4MzgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
|
||||
MIIBCgKCAQEAuissRqhpCBR9nMuoRp+Varx151DKbmdL6NhNxWUOdaYF+fSpNmtG
|
||||
0NsaYV0Coz0Jak/6ap7EfhUeG83vh0G2xj6YTVYtXDVMnUPGmzHprvmFvTOfP4KI
|
||||
VM+1aHcPLfk8ED4ea6TOPDGBjmQw8Y9nZaMATDqEnO8IGaF/Jkl476O3Ek1Nd5yO
|
||||
Sday83Or1GkD+ZsZxvyc0CpGJYYaGPrsUFAXekebSlon5SIDerQB7WgABSoGOKDo
|
||||
I8Z+JU/KftwewrE0hr9GZ8HAYBJVt0XfuNSWL7ulmF2HC3RZ877FYk3Vg3KVQs7d
|
||||
yJfK3+V3pGyzOBp/xU61nVZrb0fvua1hWQIDAQABMA0GCSqGSIb3DQEBCwUAA4IB
|
||||
AQCPR4RhXan28Eq/A6pGfJ29USKLqqDZChYy9q71Zi8hTs4+YYD6wMU8kz+MnTHC
|
||||
/Gf+6XFix7W07XxpFirZ5dkENn7lQUBklBmbxRdB9aW9WfJjx148a/I4+pXZalEI
|
||||
fqpnmWBYt4+/L9exu8tIwj/bshBmuO8Nn4ronTBDgrTCu5feyYO5l12hEdT2d+5r
|
||||
wc/Be66ftl8eOhsr9XJNidjoTVGB3SlHC6v0J7izgS+wT0UxIi3a3gwzW5ZsF4y8
|
||||
8iEicAVGmkjgmyJ5GoInQhVhLU2vlxgoULAEWKhF79JYChkGSg8dXAvqBfLm3OCg
|
||||
hxj9HldPc8mCn3gMt8F+POZL
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -1,28 +0,0 @@
|
|||
-----BEGIN PRIVATE KEY-----
|
||||
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6KyxGqGkIFH2c
|
||||
y6hGn5VqvHXnUMpuZ0vo2E3FZQ51pgX59Kk2a0bQ2xphXQKjPQlqT/pqnsR+FR4b
|
||||
ze+HQbbGPphNVi1cNUydQ8abMemu+YW9M58/gohUz7Vodw8t+TwQPh5rpM48MYGO
|
||||
ZDDxj2dlowBMOoSc7wgZoX8mSXjvo7cSTU13nI5J1rLzc6vUaQP5mxnG/JzQKkYl
|
||||
hhoY+uxQUBd6R5tKWiflIgN6tAHtaAAFKgY4oOgjxn4lT8p+3B7CsTSGv0ZnwcBg
|
||||
ElW3Rd+41JYvu6WYXYcLdFnzvsViTdWDcpVCzt3Il8rf5XekbLM4Gn/FTrWdVmtv
|
||||
R++5rWFZAgMBAAECggEAMqBW9AgMN/RKjH8djccL/PCvJ25i/k78558a1xk6K2gw
|
||||
q96KvY/CvD05GU0P0JBipRSGxsPSL29StsDz6FZIe/S9uho7T5327bVmpwGVyM12
|
||||
PxNwtPasWFP7wyLNb/UdDlW2NBOnOdtEnhJE9QvIVG1VQWWQdpTSIRY325OTXacy
|
||||
/0h4j9MR5qzEhSjsnQ/YdHfNNHU2WFSisl5JLmhEdesdcEpL9ONDX0DAxujrWpuC
|
||||
x1UQY7IIW2QzL1j8AWBGakFYRw18AJBkw7MkNct4LwcfWGHtgCQtD6PF5Xm6KeVA
|
||||
QAzNo5vv+DZu9jjV8psYnQx1fJYEK88triqZ9Nv1OQKBgQDbH4pELjyuAvZUdUb3
|
||||
bpZnV5U5i7cSURUdTkyKMJL4tgO/7riuDuyaZBxAZ60/tjmZ2c470udmI0RGVcGd
|
||||
6QXPAqYZf6sV7Mh5TDrH5lG+zhPLfM26k6lNj7btm3xRQAaq9OPKSxPV8EZCQxNu
|
||||
lU9QdsQMfzZ8B8ydwo7Z5d0xqwKBgQDZf9r4KQCzzwpEUnyLZv51Yp2J3qxvYhw2
|
||||
RXEv4xllMVSJ8YxlIMdwy/k1C5cO7XOOuNH0gKMgpjT1bPTjUoWsa7qDrhTOZoNq
|
||||
ApPXk+GgscQBCB6zZiCK5xYkw5hFXoe3mGWDr6984gXf4WX8I6QE1u0YVT3gjpEM
|
||||
4wtrY4O9CwKBgQCOlySrn4b/GZBgf3yx0PXww86ohuGX+smJq4UlO9y4GgGwqVDm
|
||||
e3G+Oj0kMBNObW9oTZLl3SWVkoeAWZfIAXY1Mp0R5MFZYB9Ix7FMmfVB++pntYxO
|
||||
yH4Yqde5IUAxwz9Tik6dOmPrCRM/VVTU1japvs9u7m1vIsglNREufGWHRwKBgCgL
|
||||
NCNwWSLBwaAml6uKwNqX121kw9aV95++VUJ9y1UoKepjwHd1+4I266Dqi1tCOH5U
|
||||
ZMNhU6dVMnblIokfzmCaTPKlgEsn8JX594I/RdEyKWYPOqfI68DnHtqR8F0FNHOG
|
||||
6Vm/ZM3XR0Ga3A35+d6yO2C5gPTxCp+Wxal13vFVAoGAHO5T3egM/30MsSAexSbt
|
||||
LdTTmIOxuVGWriRHPM8nOl24/ToE10YlslZTG/pfVP2LFuh6gySuR8NXWdRx26iP
|
||||
3SWv0r3L/o0QrZXPdngTVrvi0t9sCzOXFW1+YrLO4YCX822LEXcFpTQHeYs95zAG
|
||||
HP19NdUCeAl8/YFqifhpHvo=
|
||||
-----END PRIVATE KEY-----
|
||||
|
|
@ -1,91 +0,0 @@
|
|||
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<EntityDescriptor
|
||||
entityID="http://localhost:8380/auth"
|
||||
xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
|
||||
<SPSSODescriptor
|
||||
AuthnRequestsSigned="true"
|
||||
WantAssertionsSigned="true"
|
||||
protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
|
||||
<KeyDescriptor use="signing">
|
||||
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||
<ds:X509Data>
|
||||
<ds:X509Certificate>MIICrjCCAZYCCQDmdnUguf+VxTANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDDA5s
|
||||
b2NhbGhvc3Q6ODM4MDAeFw0xNjAxMTkxMTUwMDdaFw0yNjAxMTgxMTUwMDdaMBkx
|
||||
FzAVBgNVBAMMDmxvY2FsaG9zdDo4MzgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
|
||||
MIIBCgKCAQEAuissRqhpCBR9nMuoRp+Varx151DKbmdL6NhNxWUOdaYF+fSpNmtG
|
||||
0NsaYV0Coz0Jak/6ap7EfhUeG83vh0G2xj6YTVYtXDVMnUPGmzHprvmFvTOfP4KI
|
||||
VM+1aHcPLfk8ED4ea6TOPDGBjmQw8Y9nZaMATDqEnO8IGaF/Jkl476O3Ek1Nd5yO
|
||||
Sday83Or1GkD+ZsZxvyc0CpGJYYaGPrsUFAXekebSlon5SIDerQB7WgABSoGOKDo
|
||||
I8Z+JU/KftwewrE0hr9GZ8HAYBJVt0XfuNSWL7ulmF2HC3RZ877FYk3Vg3KVQs7d
|
||||
yJfK3+V3pGyzOBp/xU61nVZrb0fvua1hWQIDAQABMA0GCSqGSIb3DQEBCwUAA4IB
|
||||
AQCPR4RhXan28Eq/A6pGfJ29USKLqqDZChYy9q71Zi8hTs4+YYD6wMU8kz+MnTHC
|
||||
/Gf+6XFix7W07XxpFirZ5dkENn7lQUBklBmbxRdB9aW9WfJjx148a/I4+pXZalEI
|
||||
fqpnmWBYt4+/L9exu8tIwj/bshBmuO8Nn4ronTBDgrTCu5feyYO5l12hEdT2d+5r
|
||||
wc/Be66ftl8eOhsr9XJNidjoTVGB3SlHC6v0J7izgS+wT0UxIi3a3gwzW5ZsF4y8
|
||||
8iEicAVGmkjgmyJ5GoInQhVhLU2vlxgoULAEWKhF79JYChkGSg8dXAvqBfLm3OCg
|
||||
hxj9HldPc8mCn3gMt8F+POZL
|
||||
</ds:X509Certificate>
|
||||
</ds:X509Data>
|
||||
</ds:KeyInfo>
|
||||
</KeyDescriptor>
|
||||
<KeyDescriptor use="encryption">
|
||||
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||
<ds:X509Data>
|
||||
<ds:X509Certificate>MIICrjCCAZYCCQDmdnUguf+VxTANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDDA5s
|
||||
b2NhbGhvc3Q6ODM4MDAeFw0xNjAxMTkxMTUwMDdaFw0yNjAxMTgxMTUwMDdaMBkx
|
||||
FzAVBgNVBAMMDmxvY2FsaG9zdDo4MzgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
|
||||
MIIBCgKCAQEAuissRqhpCBR9nMuoRp+Varx151DKbmdL6NhNxWUOdaYF+fSpNmtG
|
||||
0NsaYV0Coz0Jak/6ap7EfhUeG83vh0G2xj6YTVYtXDVMnUPGmzHprvmFvTOfP4KI
|
||||
VM+1aHcPLfk8ED4ea6TOPDGBjmQw8Y9nZaMATDqEnO8IGaF/Jkl476O3Ek1Nd5yO
|
||||
Sday83Or1GkD+ZsZxvyc0CpGJYYaGPrsUFAXekebSlon5SIDerQB7WgABSoGOKDo
|
||||
I8Z+JU/KftwewrE0hr9GZ8HAYBJVt0XfuNSWL7ulmF2HC3RZ877FYk3Vg3KVQs7d
|
||||
yJfK3+V3pGyzOBp/xU61nVZrb0fvua1hWQIDAQABMA0GCSqGSIb3DQEBCwUAA4IB
|
||||
AQCPR4RhXan28Eq/A6pGfJ29USKLqqDZChYy9q71Zi8hTs4+YYD6wMU8kz+MnTHC
|
||||
/Gf+6XFix7W07XxpFirZ5dkENn7lQUBklBmbxRdB9aW9WfJjx148a/I4+pXZalEI
|
||||
fqpnmWBYt4+/L9exu8tIwj/bshBmuO8Nn4ronTBDgrTCu5feyYO5l12hEdT2d+5r
|
||||
wc/Be66ftl8eOhsr9XJNidjoTVGB3SlHC6v0J7izgS+wT0UxIi3a3gwzW5ZsF4y8
|
||||
8iEicAVGmkjgmyJ5GoInQhVhLU2vlxgoULAEWKhF79JYChkGSg8dXAvqBfLm3OCg
|
||||
hxj9HldPc8mCn3gMt8F+POZL
|
||||
</ds:X509Certificate>
|
||||
</ds:X509Data>
|
||||
</ds:KeyInfo>
|
||||
</KeyDescriptor>
|
||||
<SingleLogoutService
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
|
||||
Location="http://localhost:8380/mellon/logout"/>
|
||||
<SingleLogoutService
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
|
||||
Location="http://localhost:8380/mellon/logout"/>
|
||||
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
|
||||
<AssertionConsumerService
|
||||
index="0"
|
||||
isDefault="true"
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
|
||||
Location="http://localhost:8380/mellon/postResponse"/>
|
||||
<AssertionConsumerService
|
||||
index="1"
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
|
||||
Location="http://localhost:8380/mellon/artifactResponse"/>
|
||||
<AssertionConsumerService
|
||||
index="2"
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"
|
||||
Location="http://localhost:8380/mellon/paosResponse"/>
|
||||
</SPSSODescriptor>
|
||||
</EntityDescriptor>
|
||||
|
|
@ -1,51 +0,0 @@
|
|||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" Name="urn:keycloak">
|
||||
<EntityDescriptor entityID="http://localhost:8180/auth/realms/mellon-test">
|
||||
<IDPSSODescriptor WantAuthnRequestsSigned="true"
|
||||
protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
|
||||
<NameIDFormat>
|
||||
urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
|
||||
</NameIDFormat>
|
||||
<NameIDFormat>
|
||||
urn:oasis:names:tc:SAML:2.0:nameid-format:transient
|
||||
</NameIDFormat>
|
||||
<NameIDFormat>
|
||||
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
|
||||
</NameIDFormat>
|
||||
<NameIDFormat>
|
||||
urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
|
||||
</NameIDFormat>
|
||||
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
|
||||
Location="http://localhost:8180/auth/realms/mellon-test/protocol/saml"/>
|
||||
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
|
||||
Location="http://localhost:8180/auth/realms/mellon-test/protocol/saml"/>
|
||||
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
|
||||
Location="http://localhost:8180/auth/realms/mellon-test/protocol/saml"/>
|
||||
<KeyDescriptor use="signing">
|
||||
<dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
|
||||
<dsig:X509Data>
|
||||
<dsig:X509Certificate>
|
||||
MIICpTCCAY0CBgFSP3CJrTANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDDAttZWxsb24tdGVzdDAeFw0xNjAxMTQwOTE5NDVaFw0yNjAxMTQwOTIxMjVaMBYxFDASBgNVBAMMC21lbGxvbi10ZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaZ6nndLegc+aKXNog08KdWOIZfr393e0nlqZ3SzNCYJ+IrSAWepCNvUW4W0samrtC47XBYNJwBSw9KCLNcpOeR7IC+gtmm8t9VH0QRxDEOvoLoj0zMkuaBhF+1NZdt6kc5gYVSeymkFSG/Eyz06Zo9zfhb52tUK83hYPcRE2azBDAuffnnHGg+fiCMZtMz7qCYXSoGy15odM1AypILDGxCtDpk0nPmwp6AlA7LpWLKYFEXrXhPmZGw2eDA6FqLFYgBovffJzFy1WzqpAzpKbYqVbb/yKUbv5NI4ELlOdjvXfoB7wOp3cHwnuq1G8YjR7OKLeVtszKXUPCjwFSZnFwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBwRkPh3pSAG1UWr1rJW9LMVdfu6KFsVTCMqExuJKUrH4hAPKXXi9iEAyiB/+NdnG8bgvU0xhdH9lW51J1JpH3xRtOMV+1CAZB41RFx1r/zJg0Zrdbfodv1UFJtLhSIKhKnfoSdlml2O9SHwd4VQmwz/QQqzBIS+yJDv7cOxMRszryWq5aWCPMosxwuAJzjwlF6jBHqidkd4EGTNMDK1pDZN1voiYS0ry7h7Lcq2ZbrBFzBqzHvXieym68ACDHr5hkKe065ne1hCgO/+POsAi6VU+qlSbzsD9NenHP60c9+Dt/IY9DeX6IubXChcW5A+qnb5qRWBtwXshfcsDFHYkBJ
|
||||
</dsig:X509Certificate>
|
||||
</dsig:X509Data>
|
||||
</dsig:KeyInfo>
|
||||
</KeyDescriptor>
|
||||
</IDPSSODescriptor>
|
||||
</EntityDescriptor>
|
||||
</EntitiesDescriptor>
|
||||
|
|
@ -1,20 +0,0 @@
|
|||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<a href="/">Go to unprotected resource</a>
|
||||
<a href="/mellon/logout?ReturnTo=/">logout</a>
|
||||
Protected resource
|
||||
|
|
@ -1,19 +0,0 @@
|
|||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<a href="/auth">Go to protected resource</a>
|
||||
Unprotected resource
|
||||
|
|
@ -1,17 +0,0 @@
|
|||
FROM ubuntu
|
||||
|
||||
RUN apt-get update && apt-get install -y apache2 && apt-get install -y libapache2-mod-auth-mellon
|
||||
|
||||
RUN mkdir /etc/apache2/mellon
|
||||
|
||||
COPY mellon/* /etc/apache2/mellon/
|
||||
|
||||
COPY auth_mellon.conf /etc/apache2/mods-enabled/
|
||||
|
||||
COPY www/* /var/www/html/
|
||||
|
||||
RUN mkdir /var/www/html/auth2
|
||||
|
||||
COPY www/auth2/* /var/www/html/auth2/
|
||||
|
||||
CMD /usr/sbin/apache2ctl -D FOREGROUND
|
||||
|
|
@ -1,31 +0,0 @@
|
|||
MellonCacheSize 100
|
||||
MellonLockFile "/run/mod_auth_mellon/lock"
|
||||
|
||||
# This is a server-wide configuration that will add information from the Mellon session to all requests.
|
||||
<Location />
|
||||
# Add information from the mod_auth_mellon session to the request.
|
||||
MellonEnable "info"
|
||||
|
||||
# Configure the SP metadata
|
||||
# This should be the files which were created when creating SP metadata.
|
||||
MellonSPPrivateKeyFile /etc/apache2/mellon/http_localhost_auth_.key
|
||||
|
||||
MellonSPCertFile /etc/apache2/mellon/http_localhost_auth_.cert
|
||||
MellonSPMetadataFile /etc/apache2/mellon/http_localhost_auth_.xml
|
||||
|
||||
# IdP metadata. This should be the metadata file you got from the IdP.
|
||||
MellonIdPMetadataFile /etc/apache2/mellon/idp-metadata.xml
|
||||
|
||||
# The location all endpoints should be located under.
|
||||
# It is the URL to this location that is used as the second parameter to the metadata generation script.
|
||||
# This path is relative to the root of the web server.
|
||||
MellonEndpointPath /mellon
|
||||
|
||||
MellonVariable "cookie2"
|
||||
</Location>
|
||||
|
||||
<Location /auth2>
|
||||
MellonEnable "auth"
|
||||
|
||||
MellonCond "Role" "manager"
|
||||
</Location>
|
||||
|
|
@ -1,17 +0,0 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIICrjCCAZYCCQCrriL//w2/KDANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDDA5s
|
||||
b2NhbGhvc3Q6ODQ4MDAeFw0xNjAyMTcxMDQzMjhaFw0yNjAyMTYxMDQzMjhaMBkx
|
||||
FzAVBgNVBAMMDmxvY2FsaG9zdDo4NDgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
|
||||
MIIBCgKCAQEAw0VE8Q0jNc2bl0OSZWvKQQIIowBie3rGgRfBB0TzO5sjBbJSQYPh
|
||||
HBWb61gB4Cx1TvCQdefgVvhB1Heq9VFdRKRtZLl2I9RaOYPpLpBXLl10yHLGUKMz
|
||||
KVT1bpKNY4hCDN46nrxiYcbi+ZLsiezAITLEsPls2KWq5IFb0Nh/8aLRv3glk1aL
|
||||
aUtSSM1c/qGk7al9rfjG6HuUutaOYtpy4dTTsMkKUmHwBTeMkSYzLnmNVgyRFN8Q
|
||||
WPf02B1TtL5cEfrm7frWsSKxUmVcmz5pz3akjd5HD3tNJC1RGCoWQG61g7hW25y1
|
||||
MRHcYXlJajSFp9KmGbkB30OpTJgky7NpGQIDAQABMA0GCSqGSIb3DQEBCwUAA4IB
|
||||
AQApi0LyRNInVXfKqdAo1dMRzVso5CPSVuNUd/YwdRS5aYtGUx44SA2kGnuzo9XP
|
||||
c0OSJzuMMPRuwkL91Du8283rQT1wERvJrt1Zbs90RAwNNvpTZ4uzgZp/Kxlr8tQ8
|
||||
LuUsUcbBgNuI9LV51po0yZlxXGu/pfs7HNRVV2zfItkAO7OKj00f+Mn0+JLhJ9PJ
|
||||
oYvfPFQnAU3oFkYlc7FIYUeFKbFFG9KCkwb39vkuIHjcCEVFBCkdERefTBBptmXd
|
||||
emOI+tY7m1pzpkVzNDGX0OtEoGDokZHKL9xJUPU5Ao15OhVY0bp84uf1wjVvDVrg
|
||||
/8HfSSKirVjrlumRGariq8aw
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -1,28 +0,0 @@
|
|||
-----BEGIN PRIVATE KEY-----
|
||||
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDDRUTxDSM1zZuX
|
||||
Q5Jla8pBAgijAGJ7esaBF8EHRPM7myMFslJBg+EcFZvrWAHgLHVO8JB15+BW+EHU
|
||||
d6r1UV1EpG1kuXYj1Fo5g+kukFcuXXTIcsZQozMpVPVuko1jiEIM3jqevGJhxuL5
|
||||
kuyJ7MAhMsSw+WzYparkgVvQ2H/xotG/eCWTVotpS1JIzVz+oaTtqX2t+Mboe5S6
|
||||
1o5i2nLh1NOwyQpSYfAFN4yRJjMueY1WDJEU3xBY9/TYHVO0vlwR+ubt+taxIrFS
|
||||
ZVybPmnPdqSN3kcPe00kLVEYKhZAbrWDuFbbnLUxEdxheUlqNIWn0qYZuQHfQ6lM
|
||||
mCTLs2kZAgMBAAECggEARTJu090L9Sz/TgMsBbTE33SRCvI/8/H2FhkM1j6g0yaO
|
||||
qp4eeAj75K/jqOpu/7nBeE/XYXDiFu+ypFAjzPsgSgramS7/poLB1k/gehe8TTnh
|
||||
AIdrr3el0afBsYVNhU/r2BOIQmgPlQaduENQfy/eheUvvmclI0DR5lfQ6ZlO/ZlO
|
||||
s/agiziupR9ceHYCTkQpc9GI/byvVBdXIp9PSMjNhBcYv3SUP1FnhWoV2tlAZwOm
|
||||
VfB6yvZtNLp952AvsKxun6lmQQDsNhiWzCGw6cHf/aFPjEttLKHv0u6mobpM/d95
|
||||
AF+bifCweJZnfrYCE2sHTX8rzXoQ6laP6m0d8bYlgQKBgQDgsHUXSGCQYTvcmwQF
|
||||
CMhk5arQGjg7PHzFj0Mv/45b1X19MYnTRNpFx5G2Rpa4+5EKEVguUZlUXeVAxfx5
|
||||
nn/R6GCSqcOqf+Fb4nRDJrYABJIVCywEeUqRdZjt3VsFBIcXykTItVC4eBDlwNIy
|
||||
5ELB8QL7pgRAso3LVBfRdv+SjQKBgQDee1UEkncP9JfzslhCqSUXjgCnPGMDmCsh
|
||||
bMLhE5PNiVYMymjitJPY50weBOeJt2e0SBGWwPdWF7yEm11bWyjEDgA0lOndiuLV
|
||||
hHvCHUmbRQOh968+4dzSBvUb4llxcQfncs8MPI+ZJeyXghSENY1KzqNLbQcMb49k
|
||||
y0uWRqLTvQKBgQCST9Wvl53p5qdIfFkdvh5gNX4JjUlYqYbGTwf9VXiqLFdPEtch
|
||||
EBDip5YnD8hOJOLJn4nAf7pMyefjSgmiWKf7VEqutoWHnUZuwwPaRnb1hARsV54O
|
||||
O71nAyDWo/IFTnF5+GjaGde6h9TZB7rZEPK3v+2lWPIj/yF+agAokkjScQKBgQCs
|
||||
KVAe26AazrGPOSEnZHB5i79hqk8MhwJJOTqMpXOoh2/5MeB8HjSSklnKmQz6+tvb
|
||||
HDHQML609mVBUGCrwx0Gqbbq+ZkHgOQLShvimHtPFda7zUjlJi6UsCGYVE3WhRsS
|
||||
tTsXQv30Cu7MRzLNJAuUKdcfFN1xeBrEarSxMzPpGQKBgQCGyCSxoHafI78fuLB8
|
||||
lfMif3QcILxn409GxypMEc5G7iWyo+vfoMmRNjcr6zZ1luvmTqHl7mAroUpJ9X33
|
||||
6Ctw4O3r/utS03AwwOaEfpmlxMQVu5ySFICqZjMHHjvbUFQE2KPlQOqcjChT4S3n
|
||||
2vRK05BKbdFqlCprQtFtkA3q+g==
|
||||
-----END PRIVATE KEY-----
|
||||
|
|
@ -1,72 +0,0 @@
|
|||
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
|
||||
<EntityDescriptor
|
||||
entityID="http://localhost:8480/auth2"
|
||||
xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
|
||||
<SPSSODescriptor
|
||||
AuthnRequestsSigned="false"
|
||||
WantAssertionsSigned="false"
|
||||
protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
|
||||
<KeyDescriptor use="signing">
|
||||
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||
<ds:X509Data>
|
||||
<ds:X509Certificate>MIICrjCCAZYCCQCrriL//w2/KDANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDDA5s
|
||||
b2NhbGhvc3Q6ODQ4MDAeFw0xNjAyMTcxMDQzMjhaFw0yNjAyMTYxMDQzMjhaMBkx
|
||||
FzAVBgNVBAMMDmxvY2FsaG9zdDo4NDgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
|
||||
MIIBCgKCAQEAw0VE8Q0jNc2bl0OSZWvKQQIIowBie3rGgRfBB0TzO5sjBbJSQYPh
|
||||
HBWb61gB4Cx1TvCQdefgVvhB1Heq9VFdRKRtZLl2I9RaOYPpLpBXLl10yHLGUKMz
|
||||
KVT1bpKNY4hCDN46nrxiYcbi+ZLsiezAITLEsPls2KWq5IFb0Nh/8aLRv3glk1aL
|
||||
aUtSSM1c/qGk7al9rfjG6HuUutaOYtpy4dTTsMkKUmHwBTeMkSYzLnmNVgyRFN8Q
|
||||
WPf02B1TtL5cEfrm7frWsSKxUmVcmz5pz3akjd5HD3tNJC1RGCoWQG61g7hW25y1
|
||||
MRHcYXlJajSFp9KmGbkB30OpTJgky7NpGQIDAQABMA0GCSqGSIb3DQEBCwUAA4IB
|
||||
AQApi0LyRNInVXfKqdAo1dMRzVso5CPSVuNUd/YwdRS5aYtGUx44SA2kGnuzo9XP
|
||||
c0OSJzuMMPRuwkL91Du8283rQT1wERvJrt1Zbs90RAwNNvpTZ4uzgZp/Kxlr8tQ8
|
||||
LuUsUcbBgNuI9LV51po0yZlxXGu/pfs7HNRVV2zfItkAO7OKj00f+Mn0+JLhJ9PJ
|
||||
oYvfPFQnAU3oFkYlc7FIYUeFKbFFG9KCkwb39vkuIHjcCEVFBCkdERefTBBptmXd
|
||||
emOI+tY7m1pzpkVzNDGX0OtEoGDokZHKL9xJUPU5Ao15OhVY0bp84uf1wjVvDVrg
|
||||
/8HfSSKirVjrlumRGariq8aw</ds:X509Certificate>
|
||||
</ds:X509Data>
|
||||
</ds:KeyInfo>
|
||||
</KeyDescriptor>
|
||||
<KeyDescriptor use="encryption">
|
||||
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||
<ds:X509Data>
|
||||
<ds:X509Certificate>MIICrjCCAZYCCQCrriL//w2/KDANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDDA5s
|
||||
b2NhbGhvc3Q6ODQ4MDAeFw0xNjAyMTcxMDQzMjhaFw0yNjAyMTYxMDQzMjhaMBkx
|
||||
FzAVBgNVBAMMDmxvY2FsaG9zdDo4NDgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
|
||||
MIIBCgKCAQEAw0VE8Q0jNc2bl0OSZWvKQQIIowBie3rGgRfBB0TzO5sjBbJSQYPh
|
||||
HBWb61gB4Cx1TvCQdefgVvhB1Heq9VFdRKRtZLl2I9RaOYPpLpBXLl10yHLGUKMz
|
||||
KVT1bpKNY4hCDN46nrxiYcbi+ZLsiezAITLEsPls2KWq5IFb0Nh/8aLRv3glk1aL
|
||||
aUtSSM1c/qGk7al9rfjG6HuUutaOYtpy4dTTsMkKUmHwBTeMkSYzLnmNVgyRFN8Q
|
||||
WPf02B1TtL5cEfrm7frWsSKxUmVcmz5pz3akjd5HD3tNJC1RGCoWQG61g7hW25y1
|
||||
MRHcYXlJajSFp9KmGbkB30OpTJgky7NpGQIDAQABMA0GCSqGSIb3DQEBCwUAA4IB
|
||||
AQApi0LyRNInVXfKqdAo1dMRzVso5CPSVuNUd/YwdRS5aYtGUx44SA2kGnuzo9XP
|
||||
c0OSJzuMMPRuwkL91Du8283rQT1wERvJrt1Zbs90RAwNNvpTZ4uzgZp/Kxlr8tQ8
|
||||
LuUsUcbBgNuI9LV51po0yZlxXGu/pfs7HNRVV2zfItkAO7OKj00f+Mn0+JLhJ9PJ
|
||||
oYvfPFQnAU3oFkYlc7FIYUeFKbFFG9KCkwb39vkuIHjcCEVFBCkdERefTBBptmXd
|
||||
emOI+tY7m1pzpkVzNDGX0OtEoGDokZHKL9xJUPU5Ao15OhVY0bp84uf1wjVvDVrg
|
||||
/8HfSSKirVjrlumRGariq8aw</ds:X509Certificate>
|
||||
</ds:X509Data>
|
||||
</ds:KeyInfo>
|
||||
</KeyDescriptor>
|
||||
<SingleLogoutService
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
|
||||
Location="http://localhost:8480/mellon/logout" />
|
||||
<SingleLogoutService
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
|
||||
Location="http://localhost:8480/mellon/logout"/>
|
||||
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
|
||||
<AssertionConsumerService
|
||||
index="0"
|
||||
isDefault="true"
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
|
||||
Location="http://localhost:8480/mellon/postResponse" />
|
||||
<AssertionConsumerService
|
||||
index="1"
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
|
||||
Location="http://localhost:8480/mellon/artifactResponse" />
|
||||
<AssertionConsumerService
|
||||
index="2"
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"
|
||||
Location="http://localhost:8480/mellon/paosResponse" />
|
||||
</SPSSODescriptor>
|
||||
</EntityDescriptor>
|
||||
|
|
@ -1,51 +0,0 @@
|
|||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" Name="urn:keycloak">
|
||||
<EntityDescriptor entityID="http://localhost:8180/auth/realms/mellon-test">
|
||||
<IDPSSODescriptor WantAuthnRequestsSigned="true"
|
||||
protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
|
||||
<NameIDFormat>
|
||||
urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
|
||||
</NameIDFormat>
|
||||
<NameIDFormat>
|
||||
urn:oasis:names:tc:SAML:2.0:nameid-format:transient
|
||||
</NameIDFormat>
|
||||
<NameIDFormat>
|
||||
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
|
||||
</NameIDFormat>
|
||||
<NameIDFormat>
|
||||
urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
|
||||
</NameIDFormat>
|
||||
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
|
||||
Location="http://localhost:8180/auth/realms/mellon-test/protocol/saml"/>
|
||||
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
|
||||
Location="http://localhost:8180/auth/realms/mellon-test/protocol/saml"/>
|
||||
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
|
||||
Location="http://localhost:8180/auth/realms/mellon-test/protocol/saml"/>
|
||||
<KeyDescriptor use="signing">
|
||||
<dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
|
||||
<dsig:X509Data>
|
||||
<dsig:X509Certificate>
|
||||
MIICpTCCAY0CBgFSP3CJrTANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDDAttZWxsb24tdGVzdDAeFw0xNjAxMTQwOTE5NDVaFw0yNjAxMTQwOTIxMjVaMBYxFDASBgNVBAMMC21lbGxvbi10ZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaZ6nndLegc+aKXNog08KdWOIZfr393e0nlqZ3SzNCYJ+IrSAWepCNvUW4W0samrtC47XBYNJwBSw9KCLNcpOeR7IC+gtmm8t9VH0QRxDEOvoLoj0zMkuaBhF+1NZdt6kc5gYVSeymkFSG/Eyz06Zo9zfhb52tUK83hYPcRE2azBDAuffnnHGg+fiCMZtMz7qCYXSoGy15odM1AypILDGxCtDpk0nPmwp6AlA7LpWLKYFEXrXhPmZGw2eDA6FqLFYgBovffJzFy1WzqpAzpKbYqVbb/yKUbv5NI4ELlOdjvXfoB7wOp3cHwnuq1G8YjR7OKLeVtszKXUPCjwFSZnFwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBwRkPh3pSAG1UWr1rJW9LMVdfu6KFsVTCMqExuJKUrH4hAPKXXi9iEAyiB/+NdnG8bgvU0xhdH9lW51J1JpH3xRtOMV+1CAZB41RFx1r/zJg0Zrdbfodv1UFJtLhSIKhKnfoSdlml2O9SHwd4VQmwz/QQqzBIS+yJDv7cOxMRszryWq5aWCPMosxwuAJzjwlF6jBHqidkd4EGTNMDK1pDZN1voiYS0ry7h7Lcq2ZbrBFzBqzHvXieym68ACDHr5hkKe065ne1hCgO/+POsAi6VU+qlSbzsD9NenHP60c9+Dt/IY9DeX6IubXChcW5A+qnb5qRWBtwXshfcsDFHYkBJ
|
||||
</dsig:X509Certificate>
|
||||
</dsig:X509Data>
|
||||
</dsig:KeyInfo>
|
||||
</KeyDescriptor>
|
||||
</IDPSSODescriptor>
|
||||
</EntityDescriptor>
|
||||
</EntitiesDescriptor>
|
||||
|
|
@ -1,20 +0,0 @@
|
|||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<a href="/">Go to unprotected resource</a>
|
||||
<a href="/mellon/logout?ReturnTo=/">logout</a>
|
||||
Protected resource 2
|
||||
|
|
@ -1,19 +0,0 @@
|
|||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<a href="/auth2">Go to protected resource</a>
|
||||
Unprotected resource 2
|
||||
|
|
@ -1,39 +0,0 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
~ and other contributors as indicated by the @author tags.
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<parent>
|
||||
<groupId>org.keycloak.testsuite</groupId>
|
||||
<artifactId>integration-arquillian-tests-other</artifactId>
|
||||
<version>999.0.0-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>integration-arquillian-tests-other-mod_auth_mellon</artifactId>
|
||||
|
||||
<name>Mod_auth_mellon tests</name>
|
||||
|
||||
<properties>
|
||||
<apache.mod_auth_mellon.url>http://localhost:8380</apache.mod_auth_mellon.url>
|
||||
<apache.mod_auth_mellon2.url>http://localhost:8480</apache.mod_auth_mellon2.url>
|
||||
</properties>
|
||||
|
||||
</project>
|
||||
|
|
@ -1,32 +0,0 @@
|
|||
package org.keycloak.testsuite.mod_auth_mellon;
|
||||
|
||||
import org.keycloak.testsuite.page.AbstractPageWithInjectedUrl;
|
||||
import org.openqa.selenium.WebElement;
|
||||
import org.openqa.selenium.support.FindBy;
|
||||
|
||||
import java.net.MalformedURLException;
|
||||
import java.net.URL;
|
||||
|
||||
/**
|
||||
* @author mhajas
|
||||
*/
|
||||
public class ModAuthMellonProtectedResource extends AbstractPageWithInjectedUrl {
|
||||
|
||||
@FindBy(linkText = "logout")
|
||||
private WebElement logoutButton;
|
||||
|
||||
@Override
|
||||
public URL getInjectedUrl() {
|
||||
try {
|
||||
return new URL(System.getProperty("apache.mod_auth_mellon.url", "https://app-saml-127-0-0-1.nip.io:8743") + "/auth");
|
||||
} catch (MalformedURLException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
public void logout() {
|
||||
logoutButton.click();
|
||||
}
|
||||
}
|
||||
|
|
@ -1,32 +0,0 @@
|
|||
package org.keycloak.testsuite.mod_auth_mellon;
|
||||
|
||||
import org.keycloak.testsuite.page.AbstractPageWithInjectedUrl;
|
||||
import org.openqa.selenium.WebElement;
|
||||
import org.openqa.selenium.support.FindBy;
|
||||
|
||||
import java.net.MalformedURLException;
|
||||
import java.net.URL;
|
||||
|
||||
/**
|
||||
* @author mhajas
|
||||
*/
|
||||
public class ModAuthMellonProtectedResource2 extends AbstractPageWithInjectedUrl {
|
||||
|
||||
@FindBy(linkText = "logout")
|
||||
private WebElement logoutButton;
|
||||
|
||||
@Override
|
||||
public URL getInjectedUrl() {
|
||||
try {
|
||||
return new URL(System.getProperty("apache.mod_auth_mellon2.url", "https://app-saml-127-0-0-1.nip.io:8843") + "/auth2");
|
||||
} catch (MalformedURLException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
public void logout() {
|
||||
logoutButton.click();
|
||||
}
|
||||
}
|
||||
|
|
@ -1,23 +0,0 @@
|
|||
package org.keycloak.testsuite.mod_auth_mellon;
|
||||
|
||||
import org.keycloak.testsuite.page.AbstractPageWithInjectedUrl;
|
||||
|
||||
import java.net.MalformedURLException;
|
||||
import java.net.URL;
|
||||
|
||||
/**
|
||||
* @author mhajas
|
||||
*/
|
||||
public class ModAuthMellonUnprotectedResource extends AbstractPageWithInjectedUrl {
|
||||
|
||||
@Override
|
||||
public URL getInjectedUrl() {
|
||||
try {
|
||||
return new URL(System.getProperty("apache.mod_auth_mellon.url", "https://app-saml-127-0-0-1.nip.io:8743/"));
|
||||
} catch (MalformedURLException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
|
@ -1,23 +0,0 @@
|
|||
package org.keycloak.testsuite.mod_auth_mellon;
|
||||
|
||||
import org.keycloak.testsuite.page.AbstractPageWithInjectedUrl;
|
||||
|
||||
import java.net.MalformedURLException;
|
||||
import java.net.URL;
|
||||
|
||||
/**
|
||||
* @author mhajas
|
||||
*/
|
||||
public class ModAuthMellonUnprotectedResource2 extends AbstractPageWithInjectedUrl {
|
||||
|
||||
@Override
|
||||
public URL getInjectedUrl() {
|
||||
try {
|
||||
return new URL(System.getProperty("apache.mod_auth_mellon2.url", "https://app-saml-127-0-0-1.nip.io:8843/"));
|
||||
} catch (MalformedURLException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
|
@ -1,98 +0,0 @@
|
|||
package org.keycloak.testsuite.mod_auth_mellon;
|
||||
|
||||
import org.jboss.arquillian.graphene.page.Page;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.testsuite.AbstractAuthTest;
|
||||
import org.keycloak.testsuite.util.URLAssert;
|
||||
import org.keycloak.models.utils.SessionTimeoutHelper;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.keycloak.testsuite.utils.io.IOUtil.loadRealm;
|
||||
import static org.keycloak.testsuite.util.WaitUtils.pause;
|
||||
|
||||
/**
|
||||
* @author mhajas
|
||||
*/
|
||||
public class ModAuthMellonTest extends AbstractAuthTest {
|
||||
@Page
|
||||
private ModAuthMellonProtectedResource modAuthMellonProtectedResourcePage;
|
||||
|
||||
@Page
|
||||
private ModAuthMellonUnprotectedResource modAuthMellonUnprotectedResourcePage;
|
||||
|
||||
@Page
|
||||
private ModAuthMellonProtectedResource2 modAuthMellonProtectedResourcePage2;
|
||||
|
||||
@Page
|
||||
private ModAuthMellonUnprotectedResource2 modAuthMellonUnprotectedResourcePage2;
|
||||
|
||||
@Override
|
||||
public void addTestRealms(List<RealmRepresentation> testRealms) {
|
||||
testRealms.add(loadRealm("/mellon-realm.json"));
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setDefaultPageUriParameters() {
|
||||
super.setDefaultPageUriParameters();
|
||||
testRealmPage.setAuthRealm("mellon-test");
|
||||
testRealmSAMLRedirectLoginPage.setAuthRealm("mellon-test");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void singleLoginAndLogoutTest() {
|
||||
try {
|
||||
modAuthMellonProtectedResourcePage.navigateTo();
|
||||
URLAssert.assertCurrentUrlStartsWith(testRealmSAMLRedirectLoginPage);
|
||||
testRealmSAMLRedirectLoginPage.form().login(bburkeUser);
|
||||
assertTrue(driver.getPageSource().contains("Protected resource"));
|
||||
|
||||
modAuthMellonProtectedResourcePage2.navigateTo();
|
||||
assertTrue(driver.getPageSource().contains("Protected resource 2"));
|
||||
|
||||
modAuthMellonProtectedResourcePage2.logout();
|
||||
assertTrue(driver.getPageSource().contains("Unprotected resource 2"));
|
||||
|
||||
modAuthMellonProtectedResourcePage2.navigateTo();
|
||||
URLAssert.assertCurrentUrlStartsWith(testRealmSAMLRedirectLoginPage);
|
||||
|
||||
setTimeOffset(SessionTimeoutHelper.IDLE_TIMEOUT_WINDOW_SECONDS * 1000);
|
||||
pause(5000); //session length
|
||||
|
||||
modAuthMellonProtectedResourcePage.navigateTo();
|
||||
URLAssert.assertCurrentUrlStartsWith(testRealmSAMLRedirectLoginPage);
|
||||
} finally {
|
||||
resetTimeOffset();
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void unauthorizedSSO() {
|
||||
modAuthMellonProtectedResourcePage2.navigateTo();
|
||||
URLAssert.assertCurrentUrlStartsWith(testRealmSAMLRedirectLoginPage);
|
||||
testRealmSAMLRedirectLoginPage.form().login("unauthorized", "password");
|
||||
assertTrue(driver.getPageSource().contains("Forbidden"));
|
||||
|
||||
modAuthMellonProtectedResourcePage.navigateTo();
|
||||
assertTrue(driver.getPageSource().contains("Protected resource"));
|
||||
modAuthMellonProtectedResourcePage.logout();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void sessionExpiration() {
|
||||
try {
|
||||
modAuthMellonProtectedResourcePage.navigateTo();
|
||||
testRealmSAMLRedirectLoginPage.form().login(bburkeUser);
|
||||
assertTrue(driver.getPageSource().contains("Protected resource"));
|
||||
setTimeOffset(SessionTimeoutHelper.IDLE_TIMEOUT_WINDOW_SECONDS * 1000);
|
||||
pause(5000); //session length
|
||||
|
||||
modAuthMellonProtectedResourcePage.navigateTo();
|
||||
URLAssert.assertCurrentUrlStartsWith(testRealmSAMLRedirectLoginPage);
|
||||
} finally {
|
||||
resetTimeOffset();
|
||||
}
|
||||
}
|
||||
}
|
||||
File diff suppressed because it is too large
Load diff
|
|
@ -118,12 +118,6 @@
|
|||
</dependency>
|
||||
</dependencies>
|
||||
</profile>
|
||||
<profile>
|
||||
<id>mod_auth_mellon</id>
|
||||
<modules>
|
||||
<module>mod_auth_mellon</module>
|
||||
</modules>
|
||||
</profile>
|
||||
<profile>
|
||||
<id>jpa-performance</id>
|
||||
<modules>
|
||||
|
|
|
|||
Loading…
Reference in a new issue