This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

SSO Integration via SAML with Developer Portal 4.17.0.1

Posted on 07-10-2017 02:16 AM
gauravjain_59
New Member
Reply posted on --/--/---- --:-- AM

Hi @gkoli@apigee.com

I was following the Steps mentioned at link below to setup SAML on Developer Portal version 4.16.0.5

https://community.apigee.com/articles/29201/sso-integration-via-saml-with-developer-portal.html

Now we have moved to Developer Portal version 4.17.0.1 (nginx instead of apache and postgres instead of mariadb), how should we configure below two points of Step 5

  • Set ‘store.type’ to sql
  • Set the value of the 'store.sql.dsn' key as 'mysql:host=<dbhost>;port=<port>;dbname=<database>

Also are there any other changes related to new version in the Steps mentioned in link above.

I made the below entries in config.php

'store.type' => 'sql',

'store.sql.dsn' => 'pgsql:host=localhost;port=5432;dbname=devportal'

I am getting 403 Forbidden, when trying to access

http://<devportal_fqdn>:8080/simplesaml/

and it is redirecting to url

http://<devportal_fqdn>:8080/simplesaml/module.php/core/frontpage_welcome.php

Thanks

0 5 1,136
Topic Labels
0 Likes
5 REPLIES 5

Posted on --/--/---- --:-- AM
cmbrown
Staff
Reply posted on --/--/---- --:-- AM

It needs to be something like pgsql:host=localhost;port=5432;dbname=testdb;user=bruce;password=mypass

0 Likes

Posted on --/--/---- --:-- AM
cmbrown
Staff
Reply posted on --/--/---- --:-- AM

Take at look here and see if this ngnix.conf file changes does the trick https://groups.google.com/forum/#!msg/simplesamlphp/TvU1qZpWBIs/N6KBsGc-aqgJ

0 Likes

Posted on --/--/---- --:-- AM
gauravjain_59
New Member
In response to cmbrown
Reply posted on --/--/---- --:-- AM

Hi @Christin Brown

I have added below code in

/opt/apigee/apigee-drupal-devportal/source/conf/apigee-drupal-devportal-nginx.conf

Attaching the file for reference

location = /simplesaml {
        alias /opt/apigee/apigee-drupal/sites/default/private/simplesamlphp/www; ## 
        location ~ ^(?<prefix>/saml)(?<phpfile>.+?\.php)(?<pathinfo>/.*)?$ { 
          include fastcgi_params; 
          fastcgi_pass unix:/var/run/php5-fpm.sock; 
          fastcgi_param SCRIPT_FILENAME $document_root$phpfile; 
          fastcgi_param PATH_INFO       $pathinfo if_not_empty; 
        } 
    } <br>

But still no luck, did I miss anything ?

apigee-drupal-devportal-nginx.zip

apigee-drupal-devportal-nginx.zip
0 Likes

Posted on --/--/---- --:-- AM
jan
New Member
Reply posted on --/--/---- --:-- AM

This seems to do the trick:

  1. Add following to /opt/apigee/apigee-drupal-devportal/source/conf/apigee-drupal-devportal-nginx.conf
        location /simplesaml {
      alias /opt/apigee/apigee-drupal/sites/default/private/simplesamlphp/www;
      location ~ ^(?<prefix>/simplesaml)(?<phpfile>.+?\.php)(?<pathinfo>/.*)?$ {
        include /opt/nginx/conf/fastcgi_params;
        fastcgi_pass 127.0.0.1:{T}php_fpm_port{/T};

        fastcgi_split_path_info ^(.+?\.php)(/.+)$;
        fastcgi_param SCRIPT_FILENAME $document_root$phpfile;
        fastcgi_param PATH_INFO $pathinfo if_not_empty;
      }
    }
  2. Restart services with /opt/apigee/apigee-service/bin/apigee-service apigee-drupal-devportal restart
  3. Copy all files from /opt/apigee/apigee-drupal/sites/default/private/simplesamlphp/config-templates to /opt/apigee/apigee-drupal/sites/default/private/simplesamlphp/config
  4. Modify following values in /opt/apigee/apigee-drupal/sites/default/private/simplesamlphp/config/config.php
        'baseurlpath' => 'http://_FQDN_:_PORT_/simplesaml/',
    'store.type' => 'sql',
    'store.sql.dsn' => 'pgsql:host=_FQDN_;port=_PORT_;dbname=_DBNAME_',
    'store.sql.username' => '_DBUSER_',
    'store.sql.password' => '_DBPASS_',
    'trusted.url.domains' => array('_FQDN_:_PORT_'),

Posted on --/--/---- --:-- AM
jyothikiranr
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hi @GAURAV

The master process for php-fpm has no unix socket by default

/opt/apigee/apigee-drupal-devportal-4.xxx.xxxx/conf/php-fpm.conf

So your location block should like this. 

location ^~ /simplesaml {
  index index.php index.html index.htm;
  alias /opt/apigee/apigee-drupal/wwwroot/private/simplesamlphp/www;
    location ~ ^(?<prefix>/simplesaml)(?<phpfile>.+?\.php)(?<pathinfo>/.*)?$ {
    include /opt/nginx/conf/fastcgi_params;
    fastcgi_pass 127.0.0.1:8888;
    fastcgi_param SCRIPT_FILENAME $document_root$phpfile;
    fastcgi_param PATH_INFO $pathinfo if_not_empty;
        }
       }

Please use /opt/apigee/apigee-drupal/wwwroot/private/ as your location for simplesamlphp as indicated above.

Also of you for fastcgi_pass check the IP and port number of php-fpm master process at /opt/apigee/apigee-drupal-devportal-4.xxx.xxxx/conf/php-fpm.conf if the config above doesnt work

0 Likes