Skip to content

caleno/redmine_http_auth

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

44 Commits
app
app
 
 
config
config
 
 
lang
lang
 
 
lib
lib
 
 
MIT-LICENSE
MIT-LICENSE
 
 
README
README
 
 
Rakefile
Rakefile
 
 
init.rb
init.rb
 
 
install.rb
install.rb
 
 
uninstall.rb
uninstall.rb
 
 

Repository files navigation

I'm goint to try mesh this up so it works with Redmine 2.x and I'm not a Ruby guy.

HTTP Authentication plugin for Redmine with SAML 2.0 support
=======

This is a slightly modified version of the HTTP Authentication plugin for
Redmine. The original version can be found at:

    https://github.com/AdamLantos/redmine_http_auth

The goal of the modifications is to support SAML 2.0 authentication and
just-in-time provisioning of users.

We use the mod_mellon module for Apache for authentication:

    http://code.google.com/p/modmellon/


Quick installation guide
=======

1. Install mod_mellon. (Can in theory use any other authentication plugin
   for Apache that sets REMOTE_USER and provides user attributes.)

2. Configure mod_mellon. We used something like:

        <Location />
          MellonEnable info
          MellonSecureCookie On
          MellonEndpointPath /mellon

          MellonUser eduPersonPrincipalName

          MellonSPMetadataFile /etc/apache2/mellon/sp.example.org.xml
          MellonSPPrivateKeyFile /etc/apache2/mellon/sp.example.org.key

          MellonIdPMetadataFile /etc/apache2/mellon/openidp.feide.no.xml
        </Location>

   See the mod_mellon documentation for details. (Remember to restart Apache
   after the configuration changes.)

3. Test mod_mellon. Visit:

        https://your-site.example.org/mellon/login?ReturnTo=/invalidURL

   You should be sent to your IdP for authentication. Afterwards you should
   end up at /invalidURL

4. Install this redmine plugin:

        ruby script/plugin install git://github.com/UNINETT/redmine_http_auth.git

   (You may have to restart Apache afterwards.)

5. Configure the plugin:

       * Link to trigger login: /mellon/login
       * Parameter with return URL: ReturnTo
       * Link to trigger logout: /mellon/logout
       * Parameter with return URL: ReturnTo


   For just-in-time provisioning, you will need to receive attributes with user
   information from the IdP. mod_mellon will then add them as environment
   variables that this plugin can use for provisioning. We use:

       * Environment variable with first name: "MELLON_givenName"
       * Environment variable with last name: "MELLON_sn"
       * Environment variable with email address: "MELLON_mail"

About

HTTP Authentication plugin for redmine

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages

  • Ruby 100.0%