我正在尝试使 djangosaml2 正常工作,我已尝试针对https://openidp.feide.no/尽可能地配置设置但是当我导航到 /saml2/login/ 时出现以下错误:
cannot serialize IdpUnspecified('No IdP to send to given the premises',) (type IdpUnspecified)
这是我在设置中的
LOGIN_URL = '/saml2/login/'
SESSION_EXPIRE_AT_BROWSER_CLOSE = True
from os import path
import saml2
BASEDIR = path.dirname(path.abspath(__file__))
SAML_CONFIG = {
# full path to the xmlsec1 binary programm
'xmlsec_binary': '/usr/bin/xmlsec1',
# your entity id, usually your subdomain plus the url to the metadata view
'entityid': 'http://localhost:8000/saml2/metadata/',
# directory with attribute mapping
'attribute_map_dir': path.join(BASEDIR, 'attributemaps'),
# this block states what services we provide
'service': {
# we are just a lonely SP
'sp' : {
'name': 'Just a saml test SP',
'endpoints': {
# url and binding to the assetion consumer service view
# do not change the binding or service name
'assertion_consumer_service': [
('http://localhost:8000/saml2/acs/',
saml2.BINDING_HTTP_POST),
],
# url and binding to the single logout service view
# do not change the binding or service name
'single_logout_service': [
('http://localhost:8000/saml2/ls/',
saml2.BINDING_HTTP_REDIRECT),
],
},
# attributes that this project need to identify a user
'required_attributes': ['uid'],
# attributes that may be useful to have but not required
'optional_attributes': ['eduPersonAffiliation'],
# in this section the list of IdPs we talk to are defined
'idp': {
# we do not need a WAYF service since there is
# only an IdP defined here. This IdP should be
# present in our metadata
# the keys of this dictionary are entity ids
'https://openidp.feide.no/simplesaml/saml2/idp/metadata.php': {
'single_sign_on_service': {
saml2.BINDING_HTTP_REDIRECT: 'https://openidp.feide.no/simplesaml/saml2/idp/SSOService.php',
},
'single_logout_service': {
saml2.BINDING_HTTP_REDIRECT: 'https://openidp.feide.no/simplesaml/saml2/idp/SingleLogoutService.php',
},
},
},
},
},
# where the remote metadata is stored
'metadata': {
'local': [path.join(BASEDIR, 'remote_metadata.xml')],
},
# set to 1 to output debugging information
'debug': 1,
# certificate
'key_file': path.join(BASEDIR, 'mycert.key'), # private part
'cert_file': path.join(BASEDIR, 'mycert.pem'), # public part
# own metadata settings
'contact_person': [
{'given_name': 'James',
'sur_name': 'Lin',
'company': 'Company',
'email_address': 'james@james.com',
'contact_type': 'technical'},
],
# you can set multilanguage information here
'organization': {
'name': [('Company', 'en'),],
'display_name': [('Company', 'en')],
'url': [('http://www.company.com', 'en')],
},
'valid_for': 24, # how long is our metadata valid
}