Hello,
I have alfresco CE 5.1 on centos 7 with apache httpd as proxy.
I would like to set up external authentication over saml2 with mod_auth_mellon. I installed mod_auth_mellon and tried to authenticate a simple application residing in the document root and it worked. But when I want to authenticate alfresco I am not able to.
When I set up metadata this way:
/usr/libexec/mod_auth_mellon/mellon_create_metadata.sh https://alfresco.company.org/share https://alfresco.company.org/mellon
I set up that xml file to idp and configured httpd this way
<Location “/”> MellonEnable auth MellonSPPrivateKeyFile /etc/httpd/mellon/my.key MellonSPCertFile /etc/httpd/mellon/my.cert MellonSPMetadataFile /etc/httpd/mellon/my.xml MellonIdPMetadataFile /etc/httpd/mellon/idp_metadata.xml MellonSamlResponseDump On MellonIDP "IDP" MellonEndpointPath /mellon RequestHeader set X-Alfresco-Remote-User %{R_U}e </Location> # AJP proxy ProxyRequests Off ProxyPreserveHost On ProxyPass / ajp://localhost:8009/ ProxyPassReverse / ajp://localhost:8009/
According to alfresco manual I set up alfresco-global.properties and share-config.xml.
I do not know what endpoint setup because because alfresco app is not in directory structure.
Please, can you help me how to configure properly mod_auth_mellon?
Thanks a lot
Libor
