0
私はDevitsでSAMLを設定しようとしています。そのために私はDeviseSamlAuthenticatableという宝石を使っています。 https://github.com/onemedical/devise_saml_authenticatableDeviseSamlAuthenticatableレールを構成した後で移行を実行できません
私は、マイグレーションを実行しようとすると、コンソールがいることを言う:
...宝石/ actionpack-4.1.0/libに/ action_dispatch /ルーティング/ route_set.rb:428:add_route': Invalid route name, already in use: 'new_user_session' (ArgumentError) You may have defined two routes with the same name using the中:option, or you may be overriding a route already defined by a resource with the same naming. For the latter, you can restrict the routes created withとしてここで説明されているようにリソース:
私は以下を実行しました。
でUser.rbモデルが追加さ:設定/初期化子/ devise.rbオン
devise :registerable, :confirmable, :recoverable,
:rememberable, :trackable, :validatable, :database_authenticatable,
:saml_authenticatable, :trackable
追加(サンプル命令コード)
::saml_authenticatable, :trackable
そして、このようになります。
Devise.setup do |config|
...
# ==> Configuration for :saml_authenticatable
# Create user if the user does not exist. (Default is false)
config.saml_create_user = true
# Update the attributes of the user after a successful login. (Default is false)
config.saml_update_user = true
# Set the default user key. The user will be looked up by this key. Make
# sure that the Authentication Response includes the attribute.
config.saml_default_user_key = :email
# Optional. This stores the session index defined by the IDP during login. If provided it will be used as a salt
# for the user's session to facilitate an IDP initiated logout request.
config.saml_session_index_key = :session_index
# You can set this value to use Subject or SAML assertation as info to which email will be compared
# If you don't set it then email will be extracted from SAML assertation attributes
config.saml_use_subject = true
# You can support multiple IdPs by setting this value to a class that implements a #settings method which takes
# an IdP entity id as an argument and returns a hash of idp settings for the corresponding IdP.
config.idp_settings_adapter = nil
# You provide you own method to find the idp_entity_id in a SAML message in the case of multiple IdPs
# by setting this to a custom reader class, or use the default.
# config.idp_entity_id_reader = DeviseSamlAuthenticatable::DefaultIdpEntityIdReader
# You can set a handler object that takes the response for a failed SAML request and the strategy,
# and implements a #handle method. This method can then redirect the user, return error messages, etc.
# config.saml_failed_callback = nil
# Configure with your SAML settings (see [ruby-saml][] for more information).
config.saml_configure do |settings|
settings.assertion_consumer_service_url = "http://localhost:3000/users/saml/auth"
settings.assertion_consumer_service_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
settings.name_identifier_format = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
settings.issuer = "http://localhost:3000/saml/metadata"
settings.authn_context = ""
settings.idp_slo_target_url = "http://localhost/simplesaml/www/saml2/idp/SingleLogoutService.php"
settings.idp_sso_target_url = "http://localhost/simplesaml/www/saml2/idp/SSOService.php"
settings.idp_cert = <<-CERT.chomp
-----BEGIN CERTIFICATE-----
1111111111111111111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
1111111111111_______IDP_CERTIFICATE________111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111111111111111111
111111111111111111
-----END CERTIFICATE-----
CERT
end
end
のconfig /属性map.ymlが追加(同じサンプル)
"urn:mace:dir:attribute-def:uid": "user_name"
"urn:mace:dir:attribute-def:email": "email"
"urn:mace:dir:attribute-def:name": "last_name"
"urn:mace:dir:attribute-def:givenName": "name"