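#--- SATOSA proxy_conf.yaml config ---#
# Public base URL of the proxy. DOMINIO_ENTE is a placeholder for the
# organisation's own domain and must be replaced before deployment.
BASE: "https://spidauth.DOMINIO_ENTE.it"
INTERNAL_ATTRIBUTES: "internal_attributes.yaml"

# State cookie settings.
COOKIE_STATE_NAME: "SATOSA_STATE"
# Canonical boolean: `yes` is only a boolean under YAML 1.1 parsers.
CONTEXT_STATE_DELETE: true
COOKIE_MAX_AGE: 600  # 10 minutes
# NOTE(review): keep the two overrides below commented out unless there is a
# specific need; as written they would presumably switch off the Secure and
# HttpOnly flags on the state cookie.
#COOKIE_SECURE: no
#COOKIE_HTTPONLY: no

# Placeholder secret. Generate a long random key per deployment and keep the
# real value out of version control; anyone who knows it can presumably read
# or forge the proxy state cookie. SATOSA's `!ENV` / `!ENVFILE` YAML tags can
# load it from the environment or a file, if the deployed version supports
# them.
STATE_ENCRYPTION_KEY: "CHANGE_ME!kjdhaueyy3ihkbdkfbsdfsdfsd3"

# Pairs of [cookie name, legacy cookie name] — presumably for user agents that
# mishandle the SameSite attribute; confirm against the SATOSA documentation.
cookies_samesite_compat:
- ["SATOSA_STATE", "SATOSA_STATE_LEGACY"]

# The proxy can hash any attribute value (e.g., for obfuscation) before
# passing it on to the client.
# DEPRECATED, use the hasher microservice instead.
# Placeholder salt: replace it with a random per-deployment value and keep the
# real value out of version control.
USER_ID_HASH_SALT: "CHANGE_ME!8ueoyr9ywuiehiw843"

# Page the user is redirected to on an unhandled error.
# NOTE(review): the key spelling is kept as-is; presumably the consuming code
# looks it up under this exact name — verify before renaming.
#UNKNOW_ERROR_REDIRECT_PAGE: "https://localhost:9999/error_page.html"
UNKNOW_ERROR_REDIRECT_PAGE: "https://spidauth.DOMINIO_ENTE.it/static/error_page.html"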
# Directories that hold the custom plugin code (presumably added to the
# module search path — confirm against the SATOSA documentation).
# NOTE(review): this list says "plugins/micro_services" while the
# MICRO_SERVICES entries below live under "plugins/microservices" — confirm
# that both paths exist in the deployment.
CUSTOM_PLUGIN_MODULE_PATHS:
#- "plugins/ping"
- "plugins/backends"
- "plugins/frontends"
- "plugins/micro_services"
# Backend plugin configuration files; only the SPID SAML2 backend is enabled,
# the generic SAML2 backend is commented out.
BACKEND_MODULES:
#- "plugins/backends/saml2_backend.yaml"
- "plugins/backends/spidsaml2_backend.yaml"
# Frontend plugin configuration files; the OIDC OP frontend is commented out.
FRONTEND_MODULES:
- "plugins/frontends/saml2_frontend.yaml"
# - "plugins/frontends/oidc_op_frontend.yaml"
# Microservice configuration files. Presumably applied in the order listed,
# so keep the order deliberate when enabling the commented-out entries.
MICRO_SERVICES:
# - "plugins/microservices/spid_unical_account_linking.yaml"
# - "plugins/microservices/multiple_ldap_attribute_store.yaml"
# - "plugins/microservices/ldap_attribute_store.yaml"
# Process account linking again after new attributes have been pushed (or
# not) from the LDAP store.
# - "plugins/microservices/spid_unical_account_linking.yaml"
- "plugins/microservices/idp_hinting.yaml"
- "plugins/microservices/disco_to_target_issuer.yaml"
- "plugins/microservices/target_based_routing.yaml"
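# Logging configuration in the Python logging dictConfig layout
# (version / formatters / handlers / loggers). The nesting below is required:
# with every key at column 0 the handler and logger settings would be read as
# unrelated top-level keys.
LOGGING:
  version: 1
  formatters:
    simple:
      format: "[%(asctime)-19.19s] [%(levelname)-5.5s]: %(message)s [%(name)s.%(funcName)s:%(lineno)s]"
    syslog:
      format: "[SATOSA] [%(name)s] [%(levelname)s]: %(message)s"
  handlers:
    # Daily-rotated SPID log; keeps 860 rotated files (roughly 28 months).
    # NOTE(review): presumably sized for a log-retention requirement — confirm.
    spid_daily:
      class: logging.handlers.TimedRotatingFileHandler
      level: INFO
      formatter: simple
      filename: logs/spid.log
      when: D
      interval: 1
      backupCount: 860
    # Defined but not attached to any logger in this file.
    syslog:
      class: logging.handlers.SysLogHandler
      level: INFO
      formatter: syslog
    console:
      class: logging.StreamHandler
      level: INFO
      formatter: simple
      stream: ext://sys.stdout
    # DEBUG-level file for the SAML2 frontend/backend loggers. DEBUG output
    # may include protocol messages and user attributes: restrict access to
    # the logs/ directory and consider a higher level in production.
    saml2_debug_file:
      class: logging.handlers.RotatingFileHandler
      level: DEBUG
      formatter: simple
      filename: logs/saml2_debug.log
      maxBytes: 104857600  # 100MB
      backupCount: 20
      encoding: utf8
    # Defined but not attached to any logger in this file.
    oidcop_debug_file:
      class: logging.handlers.RotatingFileHandler
      level: DEBUG
      formatter: simple
      filename: logs/oidcop_debug.log
      maxBytes: 104857600  # 100MB
      backupCount: 20
      encoding: utf8
  # NOTE(review): `formatter` is not a logger-level option in dictConfig and
  # is presumably ignored on the entries below; formatting comes from the
  # handlers. `propagate: false` keeps records away from ancestor loggers.
  loggers:
    satosa:
      level: INFO
      formatter: simple
      handlers: [console]
      propagate: false
    saml2:
      level: ERROR
      formatter: simple
      handlers: [console]
      propagate: false
    satosa.frontends.saml2:
      level: DEBUG
      formatter: simple
      handlers: [saml2_debug_file]
      propagate: false
    satosa.backends.saml2:
      level: DEBUG
      formatter: simple
      handlers: [saml2_debug_file]
      propagate: false
    # Logger level is DEBUG, but the console handler is set to INFO, so DEBUG
    # records from this logger are filtered out by the handler.
    satosa.frontends.idpy_oidcop:
      level: DEBUG
      formatter: simple
      handlers: [console]
      propagate: false
    backends.spidsaml2:
      level: INFO
      formatter: simple
      handlers: [spid_daily]
      propagate: false
  # root:
  #   level: INFO
  #   handlers: [info_file_handler]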