Puppet Class: dariahshibboleth

Overview

This class provides the dariahshibboleth module. It installs and configures the SP.

Parameters:

  • attribute_checker_flushsession (Boolean) (defaults to: $dariahshibboleth::params::attribute_checker_flushsession)

    Whether to flush AttributeChecker's session

  • attribute_checker_requiredattributes (Array) (defaults to: $dariahshibboleth::params::attribute_checker_requiredattributes)

    Array of attributes required from the IdP; if any are absent, the user is sent to DARIAH registration. Defaults to ['eppn','mail','givenName','sn'].

  • cert (Optional[String]) (defaults to: undef)

    Accepts the cert file for the SP, as created by shib-keygen. It is strongly recommended to check the certificate's signature algorithm.

  • custom_metadata_url (Optional[String]) (defaults to: $dariahshibboleth::params::custom_metadata_url)

    URL from where to get federation metadata.

  • custom_metadata_signature_cert (Optional[String]) (defaults to: $dariahshibboleth::params::custom_metadata_signature_cert)

    Puppet file source containing the public cert to verify the metadata.

  • dariah_registration_url (String) (defaults to: $dariahshibboleth::params::dariah_registration_url)

    The URL where to send users to register with DARIAH and update their data.

  • discoveryurl (String) (defaults to: $dariahshibboleth::params::discoveryurl)

    The URL of the Discovery Service / WAYF, defaults to the DARIAH CDS.

  • fakeshibdata (String) (defaults to: $dariahshibboleth::params::fakeshibdata)

    Hash of fake shibboleth session data.

  • federation_enabled (Boolean) (defaults to: $dariahshibboleth::params::federation_enabled)

    Whether to enable full federation support.

  • handlerssl (Boolean) (defaults to: $dariahshibboleth::params::handlerssl)

    Whether to use SSL for the Shibboleth handler. Defaults to true and should not be changed unless you are very sure.

  • handlerurl_prefix (Optional[String]) (defaults to: undef)

    Sets the prefix in the mount path of the SP's HandlerURL.

  • hostname (String) (defaults to: $facts['networking']['fqdn'])

    The hostname used in building the SP metadata; it needs to match the cert's FQDN. Defaults to the system's fully qualified domain name.

  • idp_entityid (String) (defaults to: $dariahshibboleth::params::idp_entityid)

    EntityID of the IdP to use, defaults to the DARIAH Homeless IdP's entityId. This is used for whitelisting, and only when not in a federation setup.

  • key (Optional[String]) (defaults to: undef)

    Accepts the key file for the SP, as created by shib-keygen.

  • locallogout_headertags (Optional[String]) (defaults to: undef)

    Additional header tags to insert into localLogout.html.

  • mail_contact (String) (defaults to: $dariahshibboleth::params::mail_contact)

    The mail address to be used as contact address in the SP's metadata.

  • remote_user_pref_list (String) (defaults to: $dariahshibboleth::params::remote_user_pref_list)

    Accepts a string containing the list of attributes in order of preference for setting the REMOTE_USER variable. Defaults to eppn persistent-id targeted-id.

  • standby_cert (Optional[String]) (defaults to: undef)

    Standby Shibboleth SP cert for rollover migration.

  • standby_key (Optional[String]) (defaults to: undef)

    Standby Shibboleth SP key for rollover migration.

  • tou_enforced (Boolean) (defaults to: $dariahshibboleth::params::tou_enforced)

    Whether to enforce acceptance of DARIAH ToU.

  • tou_sp_tou_group (Optional[String]) (defaults to: undef)

    SP specific ToU's group, only active if tou_enforced=true.

  • tou_sp_tou_name (Optional[String]) (defaults to: undef)

    SP specific ToU's name, only active if tou_enforced=true.

  • use_dfn_basic (Boolean) (defaults to: $dariahshibboleth::params::use_dfn_basic)

    Load the DFN-Basic AAI Metadata.

  • use_dfn_test (Boolean) (defaults to: $dariahshibboleth::params::use_dfn_test)

    Load the DFN-Test AAI Metadata.

  • use_dfn_edugain (Boolean) (defaults to: $dariahshibboleth::params::use_dfn_edugain)

    Load the eduGAIN Metadata from DFN (without DFN!).

  • use_edugain (Boolean) (defaults to: $dariahshibboleth::params::use_edugain)

    Load the eduGAIN Metadata directly.
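
The cert parameter above recommends checking the certificate's signature algorithm. One way to do that before handing the file to the class is sketched here as an added example; it is not part of the dariahshibboleth module. The function names and the lists of weak and acceptable algorithms are assumptions of this example, and it relies on the openssl command-line tool being installed.

```shell
#!/bin/sh
# Added example (not module code): audit an SP certificate's signature
# algorithm before passing the file to the class's cert parameter.

# Print the signature algorithm name from a PEM certificate,
# e.g. sha256WithRSAEncryption. Prints nothing if the file is unreadable.
cert_sigalg() {
  openssl x509 -in "$1" -noout -text 2>/dev/null |
    sed -n 's/^ *Signature Algorithm: *//p' | head -n 1
}

# Classify an algorithm name as printed by openssl.
# Returns 0 = acceptable, 1 = broken digest (MD2/MD4/MD5/SHA-1),
#         2 = empty or unrecognised, needs manual review.
# rsassaPss lands in 2 on purpose: its digest is carried in the signature
# parameters, not in the algorithm name.
classify_sigalg() {
  lc=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
  case "$lc" in
    '') return 2 ;;
    *md2*|*md4*|*md5*|*sha1*) return 1 ;;
    *sha224*|*sha256*|*sha384*|*sha512*|ed25519|ed448) return 0 ;;
    *) return 2 ;;
  esac
}

# Report on one certificate file; the return code mirrors classify_sigalg.
check_cert() {
  sig=$(cert_sigalg "$1")
  rc=0
  classify_sigalg "$sig" || rc=$?
  case "$rc" in
    0) echo "OK: $1 is signed with $sig" ;;
    1) echo "WEAK: $1 is signed with $sig; regenerate it with a SHA-2 digest" >&2 ;;
    *) echo "UNKNOWN: cannot classify '$sig' for $1; review manually" >&2 ;;
  esac
  return "$rc"
}

# Usage: sh check_sp_cert.sh /path/to/sp-cert.pem  (script name is hypothetical)
[ "$#" -eq 0 ] || check_cert "$1"
```

A non-zero exit status lets a CI job or pre-deployment hook stop before the certificate reaches the SP's metadata.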



# File 'manifests/init.pp', line 37

class dariahshibboleth (
  Boolean $attribute_checker_flushsession          = $dariahshibboleth::params::attribute_checker_flushsession,
  Array   $attribute_checker_requiredattributes    = $dariahshibboleth::params::attribute_checker_requiredattributes,
  Optional[String] $cert                           = undef,
  Optional[String] $custom_metadata_url            = $dariahshibboleth::params::custom_metadata_url,
  Optional[String] $custom_metadata_signature_cert = $dariahshibboleth::params::custom_metadata_signature_cert,
  String  $dariah_registration_url                 = $dariahshibboleth::params::dariah_registration_url,
  String  $discoveryurl                            = $dariahshibboleth::params::discoveryurl,
  String  $fakeshibdata                            = $dariahshibboleth::params::fakeshibdata,
  Boolean $federation_enabled                      = $dariahshibboleth::params::federation_enabled,
  Boolean $handlerssl                              = $dariahshibboleth::params::handlerssl,
  Optional[String] $handlerurl_prefix              = undef,
  String  $hostname                                = $facts['networking']['fqdn'],
  String  $idp_entityid                            = $dariahshibboleth::params::idp_entityid,
  Optional[String] $key                            = undef,
  Optional[String] $locallogout_headertags         = undef,
  String  $mail_contact                            = $dariahshibboleth::params::mail_contact,
  String  $remote_user_pref_list                   = $dariahshibboleth::params::remote_user_pref_list,
  Optional[String] $standby_cert                   = undef,
  Optional[String] $standby_key                    = undef,
  Boolean $tou_enforced                            = $dariahshibboleth::params::tou_enforced,
  Optional[String] $tou_sp_tou_group               = undef,
  Optional[String] $tou_sp_tou_name                = undef,
  Boolean $use_edugain                             = $dariahshibboleth::params::use_edugain,
  Boolean $use_dfn_basic                           = $dariahshibboleth::params::use_dfn_basic,
  Boolean $use_dfn_test                            = $dariahshibboleth::params::use_dfn_test,
  Boolean $use_dfn_edugain                         = $dariahshibboleth::params::use_dfn_edugain,
) inherits dariahshibboleth::params {

  anchor { 'dariahshibboleth::begin': } ->
  class { '::dariahshibboleth::install':}->
  class { '::dariahshibboleth::config': }~>
  class { '::dariahshibboleth::service': }->
  anchor { 'dariahshibboleth::end': }

}