mirrors/overleaf-toolkit
1
0
Fork 0
mirror of https://github.com/overleaf/toolkit.git synced 2025-04-19 07:18:06 +02:00
Code Activity
overleaf-toolkit/doc/saml.md
Miguel Serrano e2b99f150f
Scripts to update config/overleaf.rc and config-seed rebrand (#217) 
* Add scripts to rebrand variables.env and overleaf.rc

* Update bin/upgrade to prompt for config file rebrand

* Update bin/up to check for correct variable prefix

Ensures SHARELATEX_ is in place for version <= 4.x, and
OVERLEAF_ for version >= 5.x

* Rebrand variables for bin/docker-compose

Updates docker-compose.base.yml and sibling containers
base file with the changes in the script

* Update bin/doctor to support OVERLEAF_ prefix

* Update documentation with the OVERLEAF_ prefix

* Rebrand variables.env and overleaf.rc in config-seed

* Prepare config/version and CHANGELOG for release (WIP)

* Fix script documentation

Co-authored-by: Jakob Ackermann <jakob.ackermann@overleaf.com>

* Fix doctor logs

Co-authored-by: Jakob Ackermann <jakob.ackermann@overleaf.com>

* Remove unnecessary fallbacks to SHARELATEX_ vars

* SEt OVERLEAF_DATA_PATH to data/overleaf

* Remove duplicated environment entries

* Moved prefix brand checs from bin/up to bin/docker-compose

* Move set +o pipefail into subshell commands

* Use separate legacy compose files for required SHARELATEX_ vars

* Handle overleaf.rc rebranding before version upgrade

* Group output from rebranding process

* Move prompt for rebranding into helper function

* Refuse to start with mismatching ShareLaTeX vs Overleaf branded configs

* Print expected prefix when checking variables.env

* Print number of mismatching variables in overleaf.rc

* Check on variable rebranding from bin/doctor

* Cleanup bin/doctor lookup for ShareLaTeX branded overleaf.rc

* Update filesystem paths in bin/logs and docs

* Flag old TEXMFVAR entry in config/variables.env

REF: 1829e7ee2a

* Update config-seed version to 5.0.1 and changelog

---------

Co-authored-by: Jakob Ackermann <jakob.ackermann@overleaf.com>
2024-04-02 16:43:08 +02:00

55 lines
2.4 KiB
Markdown
Raw Permalink Blame History

# Overleaf SAML
Available in Overleaf Server Pro is the ability to use a SAML server to manage users.
SAML is configured in the Toolkit via [`variables.env`](./configuration.md).
The `EXTERNAL_AUTH` variable must be set to `saml`, to enable the SAML module:
```
EXTERNAL_AUTH=saml
```
(To preserve backward compatibility with older configuration files, if
`EXTERNAL_AUTH` is not set, but `SHARELATEX_SAML_ENTRYPOINT` is set (`SHARELATEX_LDAP_URL` for versions `4.x` and older), then the SAML
module will be activated. We still recommend setting `EXTERNAL_AUTH` explicitely)
The [Developer wiki](https://github.com/overleaf/overleaf/wiki/Server-Pro:-SAML-Config) contains further documentation on the available Environment Variables and other configuration elements.
## Example
At Overleaf, we test the SAML integration against a SAML test server. The following is an example of a working configuration:
```
# added to variables.env
# For versions of Overleaf CE/Server Pro `4.x` and older use the 'SHARELATEX_' prefix instead of 'OVERLEAF_'
EXTERNAL_AUTH=saml
OVERLEAF_SAML_ENTRYPOINT=http://localhost:8081/simplesaml/saml2/idp/SSOService.php
OVERLEAF_SAML_CALLBACK_URL=http://saml/saml/callback
OVERLEAF_SAML_ISSUER=sharelatex-test-saml
OVERLEAF_SAML_IDENTITY_SERVICE_NAME=SAML Test Server
OVERLEAF_SAML_EMAIL_FIELD=email
OVERLEAF_SAML_FIRST_NAME_FIELD=givenName
OVERLEAF_SAML_LAST_NAME_FIELD=sn
OVERLEAF_SAML_UPDATE_USER_DETAILS_ON_LOGIN=true
```
The `sharelatex/saml-test` image needs to run in the same network as the `sharelatex` container (which by default would be `overleaf_default`), so we'll proceed with the following steps:
- Run `docker network create overleaf_default` (will possibly fail due to a `network with name overleaf_default already exists` error, that's ok).
- Start `saml-test` container with some environment parameters:
```
docker run --network=overleaf_default --name=saml \
--publish='8081:80' \
--env SAML_BASE_URL_PATH='http://localhost:8081/simplesaml/' \
--env SAML_TEST_SP_ENTITY_ID='sharelatex-test-saml' \
--env SAML_TEST_SP_LOCATION='http://localhost/saml/callback' \
sharelatex/saml-test
```
- Edit `variables.env` to add the SAML Environment Variables as listed above.
- Restart Server Pro.
You should be able to login using `sally` as username and `sall123` as password.
View git blame Copy permalink