[DJangoSAML2][1]
Here is the SAML configuration in settings.py file
SAML_CONFIG = {
'xmlsec_binary': '/usr/bin/xmlsec1',
'name': 'authentik',
'entityid': 'authentik',
'service': {
'sp': {
'want_assertions_signed': True,
'want_response_signed': True,
'allow_unsolicited': True,
'endpoints': {
'assertion_consumer_service': [
('http://localhost:8003/saml/acs/', saml2.BINDING_HTTP_POST),
],
'single_logout_service': [
('http://localhost:8003/saml/ls/', saml2.BINDING_HTTP_REDIRECT),
],
},
'required_attributes': ['email'],
'assertionConsumerService': {
'url': 'localhost:8003/admins/message/', # URL to receive SAML responses
# Use the Redirect binding
'binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
},
},
},
'debug': 1,
# private part(downloaded from authentik)
'key_file': os.path.join(BASE_DIR, 'authentik_private_key.pem'),
# public part(downloaded from authentik)
'cert_file': os.path.join(BASE_DIR, 'authentik_certificate.pem'),
'allow_unknown_attributes': True,
# 'attribute_map_dir': os.path.join(BASE_DIR, 'authentik/attribute_maps'),
'metadata': {
'local': [os.path.join(BASE_DIR, 'SAML-admin_authentik_meta.xml')],
},
'valid_for': 24, # how long is our metadata valid
'accepted_time_diff': 120, # seconds
}
当want_assertions_signed和want_response_signed设置为True时,我收到
Verification Certificate configured, but request is not signed.
错误。
我是否缺少设置文件中的某些配置。为什么未使用此配置对请求进行签名。
任何线索都会有帮助。