Allows to add Shibboleth as an external authentication method on Phabricator
Diffusion shibboleth-phabricator (master)
Recent Commits
Recent Commits
| Commit | Author | Details | Committed | ||||
|---|---|---|---|---|---|---|---|
| e36310d7801f | aubort | Merge with version from our fork: add CSP header, hide user creation in… | Oct 27 2020 | ||||
| 5a1e6a3e251a | aubort | - Add organization support as custom field - Support adding the user to… | May 8 2017 | ||||
| 928382612fb6 | aubort | Add user to project at registration | Jun 7 2016 | ||||
| e051c5b0090d | aubort | Fix realname check | Jun 7 2016 | ||||
| 1bcddd682ffe | aubort | merge errors log correctly | Jun 1 2016 | ||||
| e27abfb17107 | aubort | Create username before checking alll the fields, create realname if it's empty | May 19 2016 | ||||
| bf4e68ec15d1 | aubort | Add session and app id to error logs | May 3 2016 | ||||
| e6092d6567e4 | aubort | even more logs | May 3 2016 | ||||
| 39d287102309 | aubort | one error per line as httpd truncate error | May 3 2016 | ||||
| c517fff01b63 | aubort | Add logs | May 3 2016 | ||||
| de0f1ab3ac43 | aubort | one error per line as httpd truncate error | May 2 2016 | ||||
| d698357a26b9 | aubort | Add logs | Apr 28 2016 | ||||
| 231e56864b4b | aubort | Option: Add user to a project when creating the user | Mar 21 2016 | ||||
| 923cddf67a1c | aubort | Ignore vim swap file | Mar 21 2016 | ||||
| 7423fe126b2b | aubort | precision on readme | Mar 17 2016 |
README.md
README.md
Authentication using Shibboleth
- Allows to add Shibboleth as an external authentication method on Phabricator
- You'll have to use apache because Shibboleth is integrated as an Apache module
- Based on a Diff here:
Installation
- Copy the files to the external directories in your Phabricator installation
cp PhabricatorAuthProviderShibboleth.php /path/to/phabricator/src/extensions/ cp PhutilAuthAdapterShibboleth.php /path/to/libphutil/src/extensions/
- Install Shibboleth and configure the service provider
- Configure Apache for Shibboleth authentication on the Phabricator Shibboleth provider, for example in /etc/httpd/conf.d/phabricator.conf
<VirtualHost *:80>
ServerName http://example.com
DocumentRoot /srv/www/facebook/phabricator/webroot
CustomLog "/var/log/httpd/phabricator_access.log" phabricator
ErrorLog "/var/log/httpd/phabricator_error.log"
RewriteEngine on
RewriteRule ^/rsrc/(.*) - [L,QSA]
RewriteRule ^/favicon.ico - [L,QSA]
RewriteCond %{REQUEST_URI} !^/Shibboleth.sso
RewriteRule ^(.*)$ /index.php?__path__=$1 [B,L,QSA]
<Directory "/srv/www/facebook/phabricator/webroot">
Require all granted
AllowOverride None
</Directory>
<Location /auth/login/shibboleth:self/>
AuthType shibboleth
ShibRequestSetting requireSession 1
require shib-session
</Location>
</VirtualHost>- Restart Apache
service apache restart
- Activate the authentication method in Phabricator in the auth application
{F16348}
- You can select "Generated username" to create the username based on the first and last names, and let username fieldname empty
c4science · Help