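# Configure SAML (Shibboleth) authentication on a Rancher server through its HTTP API:
# set api.host, bind the admin account to an external ID, create API keys, then post input.json.
#
# Security notes for anyone adapting this:
#  - Every call uses plain http://, so the API keys and input.json (which carries the SP
#    private key in "spKey") cross the network unencrypted. Prefer an https endpoint.
#  - The first three calls send no credentials.
#    NOTE(review): presumably this runs before access control is enabled; keep the API
#    port unreachable from untrusted networks until the final call has succeeded.
#  - input.json sets "accessMode":"unrestricted"; confirm that is the intended access policy.
RANCHER_URL="myrancherhost:8080"

# External ID: the value of the directory attribute Rancher should use as the user ID.
# input.json sets uidField to sAMAccountName, so this is the admin's sAMAccountName.
EXTERNAL_ID="value of sAMAccountName for admin"

# Set the api.host setting.
# The JSON bodies are double-quoted so the shell expands the variables; inside single
# quotes the literal text ${RANCHER_URL} / ${EXTERNAL_ID} would be sent instead.
# The values are interpolated without JSON escaping, so they must not contain " or \.
curl -H "Accept: application/json" -H "Content-Type: application/json" \
     -d "{\"name\":\"api.host\", \"value\":\"${RANCHER_URL}\"}" \
     "http://${RANCHER_URL}/v2-beta/settings"

# Define the admin user
curl -H "Content-Type: application/json" -X PUT \
     -d "{\"externalId\":\"${EXTERNAL_ID}\", \"externalIdType\":\"shibboleth_user\"}" \
     "http://${RANCHER_URL}/v2-beta/accounts/1a1"

# Get API keys for the admin user
curl -H "Content-Type: application/json" -X POST -d '{}' \
     "http://${RANCHER_URL}/v2-beta/apikeys"

# From the response of the API-key call above, copy 'publicValue' and 'secretValue' and use
# them as access key and secret key in the call below. Credentials passed with -u on the
# command line are visible in the process list and shell history; treat the key as exposed
# on shared hosts and rotate it afterwards.

# Enable SAML
curl -H "Content-Type: application/json" -u publicValue:secretValue -X POST \
     -d @input.json \
     "http://${RANCHER_URL}/v1-auth/config"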
{ | |
"accessMode":"unrestricted", | |
"allowedIdentities":[], | |
"enabled":true, | |
"provider":"shibbolethconfig", | |
"shibbolethConfig":{ | |
"IDPMetadataFilePath":"", | |
"RancherAPIHost":"http://RANCHER_URL", | |
"SPSelfSignedCertFilePath":"", | |
"SPSelfSignedKeyFilePath":"", | |
"SamlServiceProvider":null, | |
"actions":null, | |
"displayNameField":"displayName", | |
"groupsField":"memberOf", | |
"idpMetadataContent":"ENTER METADATA", | |
"idpMetadataUrl":"", | |
"links":null, | |
"spCert":"-----BEGIN CERTIFICATE-----\nMIIDiTCCAnGgAwIBrMA0GCSqGSIb3DQEBCwUAMFsxCzAJBgNV\nBAYTAlVTMQnv\nlKpfiC2pTayjeBn+62Kta5tC8cre2y\n-----END CERTIFICATE-----", | |
"spKey":"-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkCRGC0wHDe401rzR\nj0Nrj9H1SeZYfZPkh8VuNxJcytc/xO0bSxbwB9\nbcvPiAZOU6mRUJIyUXzEz1B1RKkR8IS\n-----END PRIVATE KEY-----", | |
"uidField":"sAMAccountName", | |
"userNameField":"givenName" | |
}, | |
"githubConfig":{ | |
"actions":null, | |
"clientId":"", | |
"clientSecret":"", | |
"hostname":"", | |
"links":null, | |
"scheme":""}, | |
"ldapConfig":{"actions":null,"connectionTimeout":0,"domain":"","groupDNField":"","groupMemberMappingAttribute":"","groupMemberUserAttribute":"","groupNameField":"","groupObjectClass":"","groupSearchDomain":"","groupSearchField":"","links":null,"loginDomain":"","port":0,"server":"","serviceAccountPassword":"","serviceAccountUsername":"","tls":false,"userDisabledBitMask":0,"userEnabledAttribute":"","userLoginField":"","userNameField":"","userObjectClass":"","userSearchField":""}, | |
"type":"config" | |
} |