Max Erenberg af865567df use Wants dependency on Apache 11 months ago
systemd use Wants dependency on Apache 11 months ago
.gitignore first commit 11 months ago
README.md use Wants dependency on Apache 11 months ago
config.json first commit 11 months ago
go.mod first commit 11 months ago
go.sum first commit 11 months ago
main.go first commit 11 months ago
service_provider_provider.go first commit 11 months ago
session_provider.go first commit 11 months ago

README.md

saml-passthrough

This program is intended to run behind the Apache mod_auth_mellon module. It receives ADFS user information from Apache over FastCGI, then passes it back to Keycloak (which is acting as a SAML SP).

Create a new keypair

openssl req -newkey rsa:2048 -nodes -keyout idp.key -x509 -out idp.crt -days 3680 -subj '/CN=SAML Passthrough/O=Computer Science Club'

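The certificate is valid for 3680 days, so make sure to renew it in ten years. Because of -nodes, idp.key is written unencrypted; keep it readable only by the account that runs this service.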

Apache config

Add the following snippet to /etc/apache2/sites-real/csc (and make sure mod_proxy_fcgi is enabled):

<Location /keycloak/saml/ >
  SetHandler "proxy:unix:/run/saml-passthrough/server.sock|fcgi://localhost"
</Location>
<Location /keycloak/saml/sso >
  AuthType Mellon
  MellonEnable auth
  Require valid-user
</Location>
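
With this configuration only /keycloak/saml/sso is protected by Mellon, so a FastCGI backend on the socket has to tell authenticated requests from unauthenticated ones itself. The sketch below is an added example, not this repository's code: it assumes mod_auth_mellon's default MELLON_ environment prefix and MELLON_NAME_ID variable, and the names identityFromEnv and ssoHandler are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
	"log"
	"net"
	"net/http"
	"net/http/fcgi"
	"os"
	"strings"
)

// identityFromEnv returns the NameID and attributes that Apache exported as
// MELLON_* FastCGI params. It fails closed when MELLON_NAME_ID is absent.
func identityFromEnv(env map[string]string) (string, map[string]string, error) {
	nameID := env["MELLON_NAME_ID"]
	if nameID == "" {
		return "", nil, errors.New("request was not authenticated by mod_auth_mellon")
	}
	attrs := make(map[string]string)
	for k, v := range env {
		if strings.HasPrefix(k, "MELLON_") && k != "MELLON_NAME_ID" {
			attrs[strings.TrimPrefix(k, "MELLON_")] = v
		}
	}
	return nameID, attrs, nil
}

func ssoHandler(w http.ResponseWriter, r *http.Request) {
	// ProcessEnv omits HTTP_* params, so client headers cannot supply MELLON_* keys.
	nameID, attrs, err := identityFromEnv(fcgi.ProcessEnv(r))
	if err != nil {
		http.Error(w, "forbidden", http.StatusForbidden)
		return
	}
	fmt.Fprintf(w, "authenticated %s with %d attributes\n", nameID, len(attrs))
}

func main() {
	const sock = "/run/saml-passthrough/server.sock" // path from the Apache snippet
	os.Remove(sock)
	l, err := net.Listen("unix", sock)
	if err != nil {
		log.Fatal(err)
	}
	os.Chmod(sock, 0o660) // assumption: Apache's user shares this service's group
	log.Fatal(fcgi.Serve(l, http.HandlerFunc(ssoHandler)))
}
```

Anything that can connect to the socket can supply its own MELLON_* params, so the socket's permissions are part of the trust boundary.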