Skip to content

Commit

Permalink
Store saml remote user configuration separately from sssd lookup
Browse files Browse the repository at this point in the history
saml configuration (mod_auth_mellon) uses a different delimiter from sssd type configurations.

The templates have been changed to reflect this change.
The appliance console is now respecting this change
  • Loading branch information
kbrock committed Sep 4, 2024
1 parent b77d60d commit f438373
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 5 deletions.
4 changes: 3 additions & 1 deletion lib/manageiq/appliance_console/saml_authentication.rb
Original file line number Diff line number Diff line change
Expand Up @@ -90,13 +90,15 @@ def fetch_idp_metadata

def copy_apache_saml_configfiles
debug_msg("Copying Apache SAML Config files ...")
copy_template(HTTPD_CONFIG_DIRECTORY, "manageiq-remote-user.conf")
copy_template(HTTPD_CONFIG_DIRECTORY, "manageiq-remote-user-saml.conf")
copy_template(HTTPD_CONFIG_DIRECTORY, "manageiq-external-auth-saml.conf")
end

def remove_apache_saml_configfiles
debug_msg("Removing Apache SAML Config files ...")
# legacy systems may have manageiq-remote-user.conf instead of manageiq-remote-user-saml.conf
remove_file(HTTPD_CONFIG_DIRECTORY.join("manageiq-remote-user.conf"))
remove_file(HTTPD_CONFIG_DIRECTORY.join("manageiq-remote-user-saml.conf"))
remove_file(HTTPD_CONFIG_DIRECTORY.join("manageiq-external-auth-saml.conf"))
end

Expand Down
2 changes: 1 addition & 1 deletion lib/manageiq/appliance_console/version.rb
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
module ManageIQ
module ApplianceConsole
VERSION = '9.1.1'.freeze
VERSION = '10.0.0'.freeze
end
end
7 changes: 4 additions & 3 deletions spec/saml_authentication_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@
:params => ["https://#{client_host}", "https://#{client_host}/saml2"])

allow(subject).to receive(:copy_template)
expect(subject).to receive(:copy_template).with(described_class::HTTPD_CONFIG_DIRECTORY, "manageiq-remote-user.conf").and_return(true)
expect(subject).to receive(:copy_template).with(described_class::HTTPD_CONFIG_DIRECTORY, "manageiq-remote-user-saml.conf").and_return(true)
expect(subject).to receive(:copy_template).with(described_class::HTTPD_CONFIG_DIRECTORY, "manageiq-external-auth-saml.conf").and_return(true)

expect(subject).to receive(:say).with("Setting Appliance Authentication Settings to SAML ...")
Expand Down Expand Up @@ -75,7 +75,7 @@
:params => ["https://#{client_host}", "https://#{client_host}/saml2"])

allow(subject).to receive(:copy_template)
expect(subject).to receive(:copy_template).with(described_class::HTTPD_CONFIG_DIRECTORY, "manageiq-remote-user.conf").and_return(true)
expect(subject).to receive(:copy_template).with(described_class::HTTPD_CONFIG_DIRECTORY, "manageiq-remote-user-saml.conf").and_return(true)
expect(subject).to receive(:copy_template).with(described_class::HTTPD_CONFIG_DIRECTORY, "manageiq-external-auth-saml.conf").and_return(true)
expect(subject).to receive(:download_network_file).with(idp_metadata_url, described_class::IDP_METADATA_FILE).and_return(true)

Expand Down Expand Up @@ -113,7 +113,7 @@
expect(FileUtils).to receive(:cp).with(downloaded_idp_metadata, described_class::IDP_METADATA_FILE).and_return(true)

allow(subject).to receive(:copy_template)
expect(subject).to receive(:copy_template).with(described_class::HTTPD_CONFIG_DIRECTORY, "manageiq-remote-user.conf").and_return(true)
expect(subject).to receive(:copy_template).with(described_class::HTTPD_CONFIG_DIRECTORY, "manageiq-remote-user-saml.conf").and_return(true)
expect(subject).to receive(:copy_template).with(described_class::HTTPD_CONFIG_DIRECTORY, "manageiq-external-auth-saml.conf").and_return(true)

expect(subject).to receive(:say).with("Setting Appliance Authentication Settings to SAML ...")
Expand All @@ -138,6 +138,7 @@
allow(subject).to receive(:remove_file)
expect(subject).to receive(:remove_file).with(described_class::HTTPD_CONFIG_DIRECTORY.join("manageiq-external-auth-saml.conf")).and_return(true)
expect(subject).to receive(:remove_file).with(described_class::HTTPD_CONFIG_DIRECTORY.join("manageiq-remote-user.conf")).and_return(true)
expect(subject).to receive(:remove_file).with(described_class::HTTPD_CONFIG_DIRECTORY.join("manageiq-remote-user-saml.conf")).and_return(true)

expect(subject).to receive(:say).with(/Unconfiguring SAML Authentication .../)
expect(subject).to receive(:say).with(/Setting Appliance Authentication Settings to Database .../)
Expand Down

0 comments on commit f438373

Please sign in to comment.