OneLogin SAML Instructions #779
Comments
|
OK doing a little more poking around and realized I need https://github.com/onelogin/python-saml What I'm not clear on is this section: Any help would be appreciated. |
|
Hey @fstuck37 - The Line 70 in 93092a6 However, your pip install should also work just fine. The sudo apt-get install libxml2-dev
sudo apt-get install libxmlsec1-devI don't believe these instructions are necessary:
Make sure your config has the ACTIVE_PROVIDERS = ['onelogin']If you're still having trouble, see if the security_monkey/security_monkey/sso/views.py Line 361 in 813a0c6 Maybe change this: if onelogin_import_success:
api.add_resource(OneLogin, '/auth/onelogin', endpoint='onelogin')to this: if onelogin_import_success:
api.add_resource(OneLogin, '/auth/onelogin', endpoint='onelogin')
current_app.logger.debug('onelogin should be good to go')
else:
current_app.logger.debug('onelogin import failure')And check the logs to see if onelogin imported correctly. |
|
Thanks for the info I think I'm getting further however it's still not working. which tracing that down points to the file you suggested since it won't set the endpoint if the import isn't successful. So I guess I'm back to, I know I'm missing an install step for OneLogin to get that working. I'm thinking I need to do a python setup.py for OneLogin with some parameters but really not clear what's needed to tie it in with Security Monkey. Any suggestions would be appreciated. Thanks again, P.S. My thanks to the entire Security Monkey team for releasing this great tool! |
This is how you might tell setup.py to install the extras, but it literally does the same thing as your pip install. Here's the code that actually imports the library: try:
from onelogin.saml2.auth import OneLogin_Saml2_Auth
from onelogin.saml2.utils import OneLogin_Saml2_Utils
onelogin_import_success = True
except ImportError:
onelogin_import_success = Falseso maybe open python up interactively and try to import the onelogin stuff: |
|
OK That helped and lead me to a segmentation fault with the import. So I kept poking around and found this: Still looking to see if there is a cleaner fix, however, this did the job. I'll confirm that it works tomorrow as I have to have the OneLogin team make a change. Thanks for all the help! |
|
Success! Thanks again to the Security Monkey team for releasing this publicly. Thanks, |
|
@MonkeySecurity - I was going to write a doc on how to do various things like setting up OneLogin etc. |
|
@fstuck37 Can you elaborate on what changes you made to config.py and on the OneLogin side? Error from log file: |
|
@EmptyLaughter Unfortunately I had it working in our development environment and got side tracked with the deployment. When I returned and tried to deploy to production it no longer worked. I need to find time to get it working again but here is what I was doing: ONELOGIN_APP_ID = OneLogin Application ID sed -i "s/<APP_ID>/${ONELOGIN_APP_ID}/" /usr/local/src/security_monkey/env-config/config.py sed -i "s/User.email/User.email/" /usr/local/src/security_monkey/env-config/config.py Thanks, |
Hello All,
Does anyone have instructions on how to setup OneLogin authentication?
I've made what I think are the correct changes to the config.py file, however, the site does not prompt for SSO credentials and local authentication still works.
What I did notice in the config.py file is "{BASE}api/1/auth/onelogin?acs" which when I try to access that URL I receive 404 error. So wondering if I'm missing something in my deployment.
Searched around a bunch but the only reference I've found is to the config file.
Any help would be appreciated.
Thanks,
Fred
The text was updated successfully, but these errors were encountered: