This role installs and configures a Shibboleth2 SP against Azure AD. It supports CentOS-, Debian- and Fedora-based systems.
This role requires Ansible 1.4 or higher and platform requirements are listed in the metadata file.
# sample configuration
# replace "contoso.com" with your "tenant id"
#
shibboleth_sp:
  host: localhost
  webserver: apache
  federation_metadata_url: https://login.microsoftonline.com/contoso.com/federationmetadata/2007-06/federationmetadata.xml
  federation_signer_certificate_url: False
  default_idp: https://sts.windows.net/contoso.com/
  certificate_subject: "C=HU/ST=Your state/L=Your city/O=Your Company"
  certificate_mail: [email protected]
Your AD domain name
URL of AD FederationMetadata.xml
You can find this value in the federation metadata XML, in the entityID attribute.
Shibboleth uses a self-signed certificate; these values are used when that certificate is generated.
Don't forget to override these default values.
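The `default_idp` value in the sample configuration is the `entityID` published in the federation metadata. The Python sketch below is an added example, not part of this role: it reads that attribute and the SHA-256 fingerprints of the IdP signing certificates from a metadata document, and checks a candidate `default_idp` against it. The sample XML is constructed, and the function names are hypothetical.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample; the certificate body is placeholder bytes, not real X.509.
PLACEHOLDER_DER = b"constructed-placeholder"
SAMPLE_METADATA = ("""
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
                  entityID="https://sts.windows.net/contoso.com/">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing">
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
        <X509Data><X509Certificate>%s</X509Certificate></X509Data>
      </KeyInfo>
    </KeyDescriptor>
  </IDPSSODescriptor>
</EntityDescriptor>""" % base64.b64encode(PLACEHOLDER_DER).decode()).strip().encode()


def read_idp_metadata(xml_bytes):
    """Return (entityID, [SHA-256 hex of each signing certificate])."""
    if b"<!DOCTYPE" in xml_bytes:  # refuse DTDs: no entity expansion
        raise ValueError("DOCTYPE not allowed in federation metadata")
    root = ET.fromstring(xml_bytes)
    if root.tag != "{%s}EntityDescriptor" % NS["md"]:
        raise ValueError("root element is not md:EntityDescriptor")
    entity_id = root.get("entityID")
    if not entity_id:
        raise ValueError("EntityDescriptor has no entityID")
    prints = []
    for kd in root.findall("md:IDPSSODescriptor/md:KeyDescriptor", NS):
        if kd.get("use") not in (None, "signing"):
            continue  # skip encryption-only keys
        for cert in kd.iterfind(".//ds:X509Certificate", NS):
            der = base64.b64decode("".join((cert.text or "").split()))
            prints.append(hashlib.sha256(der).hexdigest())
    return entity_id, prints


def default_idp_matches(xml_bytes, default_idp):
    """entityIDs are compared as exact strings, trailing slash included."""
    return read_idp_metadata(xml_bytes)[0] == default_idp


if __name__ == "__main__":
    print(read_idp_metadata(SAMPLE_METADATA))
```

Run it on the document downloaded from `federation_metadata_url` and compare the printed fingerprints with values obtained out of band.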
Create a test_vars.yml file and define role variables.
To test with the default Vagrant VM:
$ vagrant up test
You can test against other distros too, e.g. Fedora:
$ vagrant up fedora
or CentOS:
$ vagrant up centos7
None
BSD
- Juan Pablo Giménez [email protected]
- based on https://github.com/sitya/ansible-role-shibboleth_sp/ - Tamas Frank [email protected]