@sochotnicky
Created September 24, 2015 14:04
Following the djangosaml2 documentation, the configuration looks like this:

in settings.py:
AUTHENTICATION_BACKENDS = (
    'django.contrib.auth.backends.ModelBackend',
    'djangosaml2.backends.Saml2Backend',
)
in urls.py:
from django.conf.urls import include, patterns, url  # Django 1.8-era API, as patterns() implies

urlpatterns = patterns(
    '',
    # lots of url definitions here
    (r'^saml2/', include('djangosaml2.urls')),
    # more url definitions
)
in settings.py:
LOGIN_URL = '/saml2/login/'
SESSION_EXPIRE_AT_BROWSER_CLOSE = True
LOGIN_REDIRECT_URL = '/'
import os  # needed for the os.path.join() calls below; BASE_DIR is assumed to be defined earlier in settings.py
import saml2
from saml2 import saml

SAML_DJANGO_USER_MAIN_ATTRIBUTE = 'username'
SAML_CREATE_UNKNOWN_USER = True

SAML_CONFIG = {
    # full path to the xmlsec1 binary program
    'xmlsec_binary': '/usr/bin/xmlsec1',

    # your entity id, usually your subdomain plus the url to the metadata view
    'entityid': 'https://edge.usersys.redhat.com/saml2',

    # directory with attribute mapping
    'attribute_map_dir': os.path.join(BASE_DIR, 'pdc/saml2/attribute-maps'),

    # this block states what services we provide
    'service': {
        # we are just a lonely SP
        'sp': {
            # NOTE: the opening entries of this dict (starting with 'name') were lost when the
            # page was extracted; the original shows only "Unknown macro: { 'name'}"

            # attributes that this project needs to identify a user
            'required_attributes': ['uid'],

            # in this section the list of IdPs we talk to is defined
            'idp': {
                # we do not need a WAYF service since there is
                # only one IdP defined here. This IdP should be
                # present in our metadata.
                # the keys of this dictionary are entity ids
                'https://ipsilon.pntdevops.com/idp/saml2/metadata': {
                    # NOTE: this entry's body (starting with 'single_sign_on_service') was lost in
                    # extraction; the original shows only "Unknown macro: { 'single_sign_on_service'}"
                },
            },
        },
    },

    # where the IdP metadata is stored (a local copy; it is the trust anchor for signature checks)
    'metadata': {
        'local': [os.path.join(BASE_DIR, 'pdc/saml2/idp-metadata.xml')],
    },

    # set to 1 to output debugging information (leave at 0 in production)
    'debug': 1,

    # certificate
    'key_file': os.path.join(BASE_DIR, 'pdc/saml2/certificate.key'),  # private part
    'cert_file': os.path.join(BASE_DIR, 'pdc/saml2/certificate.pem'),  # public part

    'valid_for': 24,  # how long our metadata is valid, in hours
    'create_users_on_login': True,
}
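The settings above are the minimum to make djangosaml2 talk to an IdP, but a few of them decide how much an attacker gains from a misstep: the IdP metadata file is the trust anchor for assertion signatures, the SP private key must stay private, `debug` should not be on in production, and `SAML_CREATE_UNKNOWN_USER = True` means every identity the IdP asserts becomes a local account. The following is an added example, not code from the gist or from djangosaml2/pysaml2: a dependency-free audit that walks a settings dict of this shape and reports those weak spots. The sample settings, the `/nonexistent` paths, the helper names (`audit_saml_settings`, `demo_clean_config`) and the severity labels are all this example's own constructions; the only pysaml2 keys it reads (`debug`, `entityid`, `service.sp.idp`, `metadata.local`/`metadata.remote[].cert`, `key_file`, `cert_file`) are the ones the gist and the pysaml2 metadata config use.

```python
"""Dependency-free audit of a djangosaml2 / pysaml2 SP configuration for the
settings that most often weaken a SAML deployment (added example; helper
names, severities and sample paths are this example's own)."""
import copy
import os
import shutil
import tempfile
from urllib.parse import urlparse

# Constructed sample mirroring the gist's SAML settings; the /nonexistent paths
# stand in for the BASE_DIR-relative files and deliberately do not exist.
SAMPLE_SETTINGS = {
    "SAML_CREATE_UNKNOWN_USER": True,
    "SAML_DJANGO_USER_MAIN_ATTRIBUTE": "username",
    "SAML_CONFIG": {
        "xmlsec_binary": "/usr/bin/xmlsec1",
        "entityid": "https://edge.usersys.redhat.com/saml2",
        "service": {"sp": {
            "required_attributes": ["uid"],
            "idp": {"https://ipsilon.pntdevops.com/idp/saml2/metadata": {}},
        }},
        "metadata": {"local": ["/nonexistent/idp-metadata.xml"]},
        "debug": 1,
        "key_file": "/nonexistent/certificate.key",
        "cert_file": "/nonexistent/certificate.pem",
        "valid_for": 24,
    },
}


def _is_https(url):
    parsed = urlparse(url or "")
    return parsed.scheme == "https" and bool(parsed.netloc)


def audit_saml_settings(settings):
    """Return a list of (severity, message); an empty list means nothing was flagged."""
    out = []
    cfg = settings.get("SAML_CONFIG", {})
    sp = cfg.get("service", {}).get("sp", {})

    # Verbose protocol debugging has no place in a production SP's logs.
    if cfg.get("debug"):
        out.append(("high", "SAML_CONFIG['debug'] is enabled"))

    # The SP redirects users to, and accepts assertions for, these identifiers.
    if not _is_https(cfg.get("entityid")):
        out.append(("high", "entityid %r is not an https URL" % cfg.get("entityid")))
    idps = sp.get("idp", {})
    if not idps:
        out.append(("high", "no IdP listed under service.sp.idp"))
    for entity_id in idps:
        if not _is_https(entity_id):
            out.append(("medium", "IdP entity id %r is not https" % entity_id))

    # IdP metadata is the trust anchor for signature validation: it must be present
    # and, when fetched remotely, verified against a pinned signing cert.
    md = cfg.get("metadata", {})
    if not md:
        out.append(("high", "no IdP metadata configured"))
    for path in md.get("local", []):
        if not os.path.isfile(path):
            out.append(("high", "local IdP metadata %r does not exist" % path))
    for remote in md.get("remote", []):
        if not remote.get("cert"):
            out.append(("high", "remote metadata %r has no signing cert pinned" % remote.get("url")))

    # SP key material: both halves present, distinct, private key not group/other-readable.
    key_file, cert_file = cfg.get("key_file"), cfg.get("cert_file")
    for label, path in (("key_file", key_file), ("cert_file", cert_file)):
        if not path:
            out.append(("high", "%s is not set" % label))
        elif not os.path.isfile(path):
            out.append(("medium", "%s %r does not exist" % (label, path)))
    if key_file and key_file == cert_file:
        out.append(("high", "key_file and cert_file are the same file"))
    if key_file and os.path.isfile(key_file) and os.stat(key_file).st_mode & 0o077:
        out.append(("high", "private key %r is readable by group/other" % key_file))

    # Identity mapping: auto-provisioning turns every asserted identity into a local account.
    if settings.get("SAML_CREATE_UNKNOWN_USER"):
        out.append(("info", "SAML_CREATE_UNKNOWN_USER is True: unknown IdP users are created locally"))
    if not sp.get("required_attributes"):
        out.append(("medium", "required_attributes is empty"))
    if not settings.get("SAML_DJANGO_USER_MAIN_ATTRIBUTE"):
        out.append(("high", "SAML_DJANGO_USER_MAIN_ATTRIBUTE is not set"))
    return out


def demo_clean_config():
    """Apply the fixes to the sample (debug off, files present, key mode 0600) and
    re-run the audit; only the informational auto-provisioning note should remain."""
    tmp = tempfile.mkdtemp(prefix="saml-audit-")
    fixed = copy.deepcopy(SAMPLE_SETTINGS)
    cfg = fixed["SAML_CONFIG"]
    cfg["debug"] = 0
    cfg["metadata"] = {"local": [os.path.join(tmp, "idp-metadata.xml")]}
    cfg["key_file"], cfg["cert_file"] = os.path.join(tmp, "sp.key"), os.path.join(tmp, "sp.pem")
    for path in (cfg["metadata"]["local"][0], cfg["key_file"], cfg["cert_file"]):
        with open(path, "w") as fh:
            fh.write("placeholder\n")  # constructed stand-in for real PEM / metadata XML
    os.chmod(cfg["key_file"], 0o600)
    try:
        return audit_saml_settings(fixed)
    finally:
        shutil.rmtree(tmp, ignore_errors=True)
```

Run against the gist's values, `audit_saml_settings(SAMPLE_SETTINGS)` flags `debug`, the missing metadata file and the missing key pair, and notes the auto-provisioning; `demo_clean_config()` shows the same audit going quiet once those are fixed. The "info" finding stays on purpose: whether unknown IdP users should be created locally is a policy decision, not a bug, but it should be a conscious one.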