那些遇到过的问题

标签: ruby-saml

将 SAML 集成到 Rails 应用程序中

我正在尝试在我的项目中添加ruby​​-saml。但我对如何在我的场景中实现它有点困惑。我在一个网站上,比如说 abc.com,有一个按钮。当我单击该按钮时,我需要重定向到网站 xyz.com,在该网站中我需要传递 SAML XML 并将其发送到 xyz.com/SAML。SAML 请求将由 xyz.com 处理,然后他们将向我发送响应。谁能给我一些想法如何实现它?

另外,我对这些领域感到困惑。有人可以给我一个快速总结吗?

settings.assertion_consumer_service_urlsettings.sp_entity_idsettings.idp_entity_idsettings.idp_sso_service_urlsettings.idp_slo_service_url




def init
  request = OneLogin::RubySaml::Authrequest.new
  saml_settings.name_identifier_value_requested = "testuser@example.com"
  saml_settings.name_identifier_format = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
  redirect_to(request.create(saml_settings))
end



 def saml_settings
  settings = OneLogin::RubySaml::Settings.new

  settings.assertion_consumer_service_url = "http://#{request.host}/saml/consume"
  settings.idp_sso_service_url            = "https://app.onelogin.com/trust/saml2/http-post/sso/#{OneLoginAppId}"
  settings.idp_sso_service_binding        = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" # or :post, :redirect
  settings.idp_slo_service_binding        = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" # or :post, :redirect
  settings.idp_cert_fingerprint           = OneLoginAppCertFingerPrint
  settings.idp_cert_fingerprint_algorithm = "http://www.w3.org/2000/09/xmldsig#sha1"
  settings.name_identifier_format         = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"

  # Optional for most SAML IdPs
  settings.authn_context = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
  # or as an array
  settings.authn_context …
Run Code Online (Sandbox Code Playgroud)

ruby ruby-on-rails saml ruby-saml ruby-on-rails-6

Ani*_*ari
2021 09-10
10
推荐指数
1
解决办法
2026
查看次数

为什么有人会将 ruby​​-saml gem 请求/响应的证书签名设置为 false?

在 ruby​​-saml gem 中,我们有以下选项配置来决定是否签署某些请求/响应:

  settings.security[:authn_requests_signed]   = true     # Enable or not signature on AuthNRequest
  settings.security[:logout_requests_signed]  = true     # Enable or not signature on Logout Request
  settings.security[:logout_responses_signed] = true     # Enable or not signature on Logout Response
  settings.security[:want_assertions_signed]  = true     # Enable or not the requirement of signed assertion
  settings.security[:metadata_signed]         = true     # Enable or not signature on Metadata
Run Code Online (Sandbox Code Playgroud)

使用证书将确保我们正在与我们认为正在交谈的人交谈。为什么有人想将这些配置设置为 false?

ruby certificate saml saml-2.0 ruby-saml

Hen*_*ang
lucky-day
2
推荐指数
1
解决办法
570
查看次数

Devise:devise_saml_authenticatable - 未初始化的常量 SamlSessionsController

我正在使用https://github.com/apokalipto/devise_saml_authenticatable在 Ruby on Rails 应用程序中通过 SAML 针对 Okta 实现登录。

使用上述说明设置示例应用程序后,尝试导航到 /users/saml/log_in 时出现以下错误

ActionController::RoutingError (uninitialized constant SamlSessionsController):

activesupport (5.1.6) lib/active_support/inflector/methods.rb:269:in `const_get'
activesupport (5.1.6) lib/active_support/inflector/methods.rb:269:in `block in constantize'
activesupport (5.1.6) lib/active_support/inflector/methods.rb:267:in `each'
activesupport (5.1.6) lib/active_support/inflector/methods.rb:267:in `inject'
activesupport (5.1.6) lib/active_support/inflector/methods.rb:267:in `constantize'
actionpack (5.1.6) lib/action_dispatch/http/request.rb:85:in `controller_class_for'
actionpack (5.1.6) lib/action_dispatch/http/request.rb:78:in `controller_class'
actionpack (5.1.6) lib/action_dispatch/routing/route_set.rb:43:in `controller'
actionpack (5.1.6) lib/action_dispatch/routing/route_set.rb:29:in `serve'
actionpack (5.1.6) lib/action_dispatch/routing/mapper.rb:16:in `block in <class:Constraints>'
actionpack (5.1.6) lib/action_dispatch/routing/mapper.rb:46:in `serve'
actionpack (5.1.6) lib/action_dispatch/journey/router.rb:50:in `block in serve'
Run Code Online (Sandbox Code Playgroud)

不确定是什么导致了上述错误。我已确保 gem 是 Gemfile 的一部分并且已安装。

还有什么我可以调查的吗?

ruby-on-rails saml devise ruby-saml

Roh*_*non
lucky-day
1
推荐指数
1
解决办法
885
查看次数

标签 统计

ruby-saml ×3

saml ×3

ruby ×2

ruby-on-rails ×2

certificate ×1

devise ×1

ruby-on-rails-6 ×1

saml-2.0 ×1