Adding config and metadata folders

uqlibrary · Nov 17, 2014 · bb43568 · bb43568
1 parent 2b14e38
commit bb43568
Show file tree

Hide file tree

Showing 24 changed files with 1,784 additions and 1 deletion.
diff --git a/Dockerfile.yours b/Dockerfile.yours
@@ -0,0 +1,5 @@
+FROM ianblenke/simplesamlphp
+MAINTAINER Ian Blenke <[email protected]>
+
+ADD config/ config/
+ADD metadata/ metadata/
diff --git a/Makefile b/Makefile
@@ -1,2 +1,5 @@
-all:
+build:
 	docker build -t ianblenke/simplesamlphp .
+
+run:
+	docker run -ti --rm -v `pwd`/config:/var/www/html/config -v `pwd`/metadata:/var/www/html/metadata ianblenke/simplesamlphp
diff --git a/README.md b/README.md
@@ -2,3 +2,7 @@
 
 This is a packaging of [simplesamlphp](http://simplesamlphp.org)
 
+To use this image, you will want to make your own config/ and metadata/ folders
+
+This can be done by mounting volumes under /var/lib/html/config and /var/lib/html/metadat, or by basing another image off of this one (take a look at Dockerfile.yours).
+
diff --git a/config/acl.php b/config/acl.php
@@ -0,0 +1,61 @@
+<?php
+
+/*
+ * This file defines "named" access control lists, which can
+ * be reused in several places.
+ */
+$config = array(
+
+	'adminlist' => array(
+		//array('allow', 'equals', 'mail', '[email protected]'),
+		//array('allow', 'has', 'groups', 'admin'),
+		/* The default action is to deny access. */
+	),
+
+	'example-simple' => array(
+		array('allow', 'equals', 'mail', '[email protected]'),
+		array('allow', 'equals', 'mail', '[email protected]'),
+		/* The default action is to deny access. */
+	),
+
+	'example-deny-some' => array(
+		array('deny', 'equals', 'mail', '[email protected]'),
+		array('allow'), /* Allow everybody else. */
+	),
+
+	'example-maildomain' => array(
+		array('allow', 'equals-preg', 'mail', '/@example\.org$/'),
+		/* The default action is to deny access. */
+	),
+
+	'example-allow-employees' => array(
+		array('allow', 'has', 'eduPersonAffiliation', 'employee'),
+		/* The default action is to deny access. */
+	),
+
+	'example-allow-employees-not-students' => array(
+		array('deny', 'has', 'eduPersonAffiliation', 'student'),
+		array('allow', 'has', 'eduPersonAffiliation', 'employee'),
+		/* The default action is to deny access. */
+	),
+
+	'example-deny-student-except-one' => array(
+		array('deny', 'and',
+			array('has', 'eduPersonAffiliation', 'student'),
+			array('not', 'equals', 'mail', '[email protected]'),
+		),
+		array('allow'),
+	),
+
+	'example-allow-or' => array(
+		array('allow', 'or',
+			array('equals', 'eduPersonAffiliation', 'student', 'member'),
+			array('equals', 'mail', '[email protected]'),
+		),
+	),
+
+	'example-allow-all' => array(
+		array('allow'),
+	),
+
+);
diff --git a/config/authmemcookie.php b/config/authmemcookie.php
@@ -0,0 +1,86 @@
+<?php
+
+/**
+ * This is the configuration file for the Auth MemCookie example.
+ */
+
+$config = array(
+
+	/*
+	 * What type of login Auth MemCookie will use.
+	 * Can be either 'authsource', 'saml2' or 'shib13'.
+	 *
+	 * For backwards compatibility, the default value if unset is 'saml2'.
+	 * New installations should use 'authsource'.
+	 */
+	'loginmethod' => 'authsource',
+
+	/*
+	 * The authentication source that should be used.
+	 *
+	 * This must be one of the authentication sources configured in config/authsources.php.
+	 */
+	'authsource' => 'default-sp',
+
+	/*
+	 * This is the name of the cookie we should save the session id in. The value of this option must match the
+	 * Auth_memCookie_CookieName option in the Auth MemCookie configuration. The default value is 'AuthMemCookie'.
+	 *
+	 * Default:
+	 *  'cookiename' => 'AuthMemCookie',
+	 */
+	'cookiename' => 'AuthMemCookie',
+
+	/*
+	 * This option specifies the name of the attribute which contains the username of the user. It must be set to
+	 * a valid attribute name.
+	 *
+	 * Examples:
+	 *  'username' => 'uid', // LDAP attribute for user id.
+	 *  'username' => 'mail', // LDAP attribute for email address.
+	 *
+	 * Default:
+	 *  No default value.
+	 */
+	'username' => NULL,
+
+	/*
+	 * This option specifies the name of the attribute which contains the groups of the user. Set this option to
+	 * NULL if you don't want to include any groups.
+	 *
+	 * Example:
+	 *  'groups' => 'edupersonaffiliation',
+	 *
+	 * Default:
+	 *  'groups' => NULL,
+	 */
+	'groups' => NULL,
+
+	/*
+	 * This option contains the hostnames or IP addresses of the memcache servers where we should store the
+	 * authentication information. Separator is a comma. This option should match the address part of the
+	 * Auth_memCookie_Memcached_AddrPort option in the Auth MemCookie configuration.
+	 *
+	 * Examples:
+	 *  'memcache.host' => '192.168.93.52',
+	 *  'memcache.host' => 'memcache.example.org',
+	 *  'memcache.host' => 'memcache1.example.org,memcache2.example.org'
+	 *
+	 * Default:
+	 *  'memcache.host' => '127.0.0.1',
+	 */
+	'memcache.host' => '127.0.0.1',
+
+	/*
+	 * This option contains the port number of the memcache server where we should store the
+	 * authentication information. This option should match the port part of the
+	 * Auth_memCookie_Memcached_AddrPort option in the Auth MemCookie configuration.
+	 *
+	 * Default:
+	 *  'memcache.port' => 11211,
+	 */
+	'memcache.port' => 11211,
+
+);
+
+?>
Original file line number	Diff line number	Diff line change
Expand Up		@@ -2,3 +2,7 @@

		This is a packaging of [simplesamlphp](http://simplesamlphp.org)

		To use this image, you will want to make your own config/ and metadata/ folders

		This can be done by mounting volumes under /var/lib/html/config and /var/lib/html/metadat, or by basing another image off of this one (take a look at Dockerfile.yours).