Hello,
I have alfresco CE 5.1 on centos 7 with apache httpd as proxy.
I would like to set up external authentication over saml2 with mod_auth_mellon. I installed mod_auth_mellon and tried to authenticate a simple application residing in the document root and it worked. But when I want to authenticate alfresco I am not able to.
When I set up metadata this way:
/usr/libexec/mod_auth_mellon/mellon_create_metadata.sh https://alfresco.company.org/share https://alfresco.company.org/mellon
I set up that xml file to idp and configured httpd this way
<Location “/”>
MellonEnable auth
MellonSPPrivateKeyFile /etc/httpd/mellon/my.key
MellonSPCertFile /etc/httpd/mellon/my.cert
MellonSPMetadataFile /etc/httpd/mellon/my.xml
MellonIdPMetadataFile /etc/httpd/mellon/idp_metadata.xml
MellonSamlResponseDump On
MellonIDP "IDP"
MellonEndpointPath /mellon
RequestHeader set X-Alfresco-Remote-User %{R_U}e
</Location>
# AJP proxy
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / ajp://localhost:8009/
ProxyPassReverse / ajp://localhost:8009/
According to alfresco manual I set up alfresco-global.properties and share-config.xml.
I do not know what endpoint setup because because alfresco app is not in directory structure.
Please, can you help me how to configure properly mod_auth_mellon?
Thanks a lot
Libor
