SAML2 requires that the xmlsec1 binary be present and mapped in the config file.
An install script is provided to easily install onto your Ubuntu server. Update the
publish/install.sh file “dns” value to be the DNS name of your server, and the “remote” value to point to your repo path. If you plan to use SSL you can add the certs to the
publish folder as well. Use the names “cert.crt” and “cert.key”.
The publish takes place over SSH from a git server. It is possible to use an access key when publishing from Fabric.
Update the username and hostname with your planned login. Commands require sudo.
After cloning the repository the install.sh script will install all packages necessary to start up the app.
A configuration file should be created at the project root, alongside the
The custom configuration file should be called config_cust.py. Settings can be copied from config.py and updated as needed.
At a minimum, config_cust.py should import the base configuration.
from config import Config as BaseConfig
ALLOWED_HOSTS = ["localhost"]
export FLASK_APP=web;export FLASK_DEBUG=0;export FLASK_ENV=production;
flask db init;
flask db upgrade;
flask cli seed
# add demo data if needed
# flask cli seed_demo
There are two primary authentication options -
The PySAML2 library is used for SAML authentication, and all the
sp configuration parameters are supported. See the example config file for an ADFS setup example.
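A start-up check for the xmlsec1 requirement, as an added example that is not part of this project's code: it resolves the path destined for PySAML2's `xmlsec_binary` setting and refuses a missing, non-executable or group/world-writable file. The function and exception names are hypothetical.

```python
import os
import shutil
import stat


class XmlsecError(RuntimeError):
    """Raised when no usable xmlsec1 binary can be resolved."""


def resolve_xmlsec_binary(configured_path=None, search_path=None):
    """Return the real path of a usable xmlsec1 binary (hypothetical helper).

    configured_path: value intended for PySAML2's ``xmlsec_binary`` setting.
    search_path: PATH-style string searched when nothing is configured.
    """
    if configured_path:
        # A relative path would resolve against the working directory of
        # whatever process starts the app, so only absolute paths are accepted.
        if not os.path.isabs(configured_path):
            raise XmlsecError(f"xmlsec_binary must be absolute: {configured_path!r}")
        candidate = configured_path
    else:
        candidate = shutil.which("xmlsec1", path=search_path)
        if candidate is None:
            raise XmlsecError("xmlsec1 not found; install it or set xmlsec_binary")

    real = os.path.realpath(candidate)  # follow symlinks to the actual file
    if not os.path.isfile(real):
        raise XmlsecError(f"xmlsec1 path is not a regular file: {real}")
    if not os.access(real, os.X_OK):
        raise XmlsecError(f"xmlsec1 is not executable: {real}")
    # SAML signature checks are delegated to this binary, so a file that other
    # local accounts can overwrite undermines every assertion it verifies.
    if os.stat(real).st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        raise XmlsecError(f"xmlsec1 is group/world-writable: {real}")
    return real


def saml_sp_settings(configured_path=None):
    """Build the fragment of the SP settings that maps the binary."""
    return {"xmlsec_binary": resolve_xmlsec_binary(configured_path)}
```

Calling `saml_sp_settings()` while the configuration is loaded makes a missing or unsafe binary fail at start-up rather than on the first SAML login.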
LDAP login follows this basic process:
The config.py file holds the general connection info. A connection to the LDAP server is made with the service account credentials supplied in the config file.