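I'm trying to get djangosaml2 working, and I tried to configure the settings as closely as possible for https://openidp.feide.no/, but when I navigate to /saml2/login/ I get the following error:
cannot serialize IdpUnspecified('No IdP to send to given the premises',) (type IdpUnspecified)
This is what I have in my settings: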
LOGIN_URL = '/saml2/login/'
SESSION_EXPIRE_AT_BROWSER_CLOSE = True
from os import path
import saml2
BASEDIR = path.dirname(path.abspath(__file__))
SAML_CONFIG = {
    # full path to the xmlsec1 binary program
    'xmlsec_binary': '/usr/bin/xmlsec1',
    # your entity id, usually your subdomain plus the url to the metadata view
    'entityid': 'http://localhost:8000/saml2/metadata/',
    # directory with attribute mapping
    'attribute_map_dir': path.join(BASEDIR, 'attributemaps'),
    # this block states what services we provide
    'service': {
        # we are just a lonely SP
        'sp': {
            'name': 'Just a saml test SP',
            'endpoints': {
                # url and binding to the assertion consumer service view
                # do not change the binding or service name
                'assertion_consumer_service': [
                    ('http://localhost:8000/saml2/acs/',
                     saml2.BINDING_HTTP_POST),
                ],
                # url and binding to the single logout service view
                # do not change the binding or service name
                'single_logout_service': [
                    ('http://localhost:8000/saml2/ls/',
                     saml2.BINDING_HTTP_REDIRECT),
                ],
            },
            # attributes that this project need to identify a user
            'required_attributes': ['uid'],
            # attributes that may be useful to have but not required
            'optional_attributes': ['eduPersonAffiliation'],
            # in this section the list of IdPs we talk to are defined
            'idp': {
                # we do not need a WAYF service since there is
                # only an IdP defined here. This IdP should be
                # present in our metadata
                # the keys of this dictionary are entity ids
                'https://openidp.feide.no/simplesaml/saml2/idp/metadata.php': {
                    'single_sign_on_service': {
                        saml2.BINDING_HTTP_REDIRECT: 'https://openidp.feide.no/simplesaml/saml2/idp/SSOService.php',
                    },
                    'single_logout_service': {
                        saml2.BINDING_HTTP_REDIRECT: 'https://openidp.feide.no/simplesaml/saml2/idp/SingleLogoutService.php',
                    },
                },
            },
        },
    },
    # where the remote metadata is stored
    'metadata': {
        'local': [path.join(BASEDIR, 'remote_metadata.xml')],
    },
    # set to 1 to output debugging information
    'debug': 1,
    # certificate
    'key_file': path.join(BASEDIR, 'mycert.key'),  # private part
    'cert_file': path.join(BASEDIR, 'mycert.pem'),  # public part
    # own metadata settings
    'contact_person': [
        {'given_name': 'James',
         'sur_name': 'Lin',
         'company': 'Company',
         'email_address': 'james@james.com',
         'contact_type': 'technical'},
    ],
    # you can set multilanguage information here
    'organization': {
        'name': [('Company', 'en'),],
        'display_name': [('Company', 'en')],
        'url': [('http://www.company.com', 'en')],
    },
    'valid_for': 24,  # how long is our metadata valid
}
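Answer 0 (score: 2)
OKAY! I got the old instructions from here https://pypi.python.org/pypi/djangosaml2/0.1.0 but when I installed it via pip it installed the latest version; the latest instructions are at https://bitbucket.org/lgs/djangosaml2
After digging into the code, I finally found that the idp key should be 'idpsso', see below: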
            'idpsso': {
                # we do not need a WAYF service since there is
                # only an IdP defined here. This IdP should be
                # present in our metadata
                # the keys of this dictionary are entity ids
                'https://openidp.feide.no/simplesaml/saml2/idp/metadata.php': {
                    'single_sign_on_service': {
                        saml2.BINDING_HTTP_REDIRECT: 'https://openidp.feide.no/simplesaml/saml2/idp/SSOService.php',
                    },
                    'single_logout_service': {
                        saml2.BINDING_HTTP_REDIRECT: 'https://openidp.feide.no/simplesaml/saml2/idp/SingleLogoutService.php',
                    },
                },
            },
        },
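Added example, not part of the original question, answer or the djangosaml2 project: the config comments say the IdP "should be present in our metadata", so this pre-flight check confirms that every configured IdP entity ID and SSO endpoint actually appears in the metadata file before a login is attempted. The function names and the sample metadata are constructed for illustration; pass in whichever inner dict your version uses ('idp' or 'idpsso').

```python
import xml.etree.ElementTree as ET

MD_NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata"}
# Same URI string that saml2.BINDING_HTTP_REDIRECT holds
BINDING_HTTP_REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"

# Constructed sample standing in for the contents of remote_metadata.xml
SAMPLE_METADATA = """
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://openidp.feide.no/simplesaml/saml2/idp/metadata.php">
  <md:IDPSSODescriptor
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleSignOnService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://openidp.feide.no/simplesaml/saml2/idp/SSOService.php"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>
"""


def idps_in_metadata(xml_text):
    """Map entityID -> {binding: location} for every IdP in the metadata."""
    # For metadata from an untrusted source, parse with defusedxml instead.
    root = ET.fromstring(xml_text)
    idps = {}
    # iter() also yields the root, so a bare EntityDescriptor and an
    # EntitiesDescriptor wrapper are both handled.
    for ent in root.iter("{%s}EntityDescriptor" % MD_NS["md"]):
        sso = ent.findall("md:IDPSSODescriptor/md:SingleSignOnService", MD_NS)
        if sso:
            idps[ent.get("entityID")] = {
                s.get("Binding"): s.get("Location") for s in sso
            }
    return idps


def check_configured_idps(configured, xml_text):
    """Return a list of problems; an empty list means every IdP resolves."""
    known = idps_in_metadata(xml_text)
    problems = []
    for entity_id, services in configured.items():
        if entity_id not in known:
            problems.append("%s: not found as an IdP in metadata" % entity_id)
            continue
        sso = services.get("single_sign_on_service", {})
        for binding, location in sso.items():
            if known[entity_id].get(binding) != location:
                problems.append("%s: SSO endpoint for %s differs from metadata"
                                % (entity_id, binding))
    return problems
```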