The mailing list for listmasters using Sympa

[Tornóci László <address@concealed>]

Hi,

On 03/14/2013 06:38 PM, Venkat R wrote:
> Changing the subject line.
>
> Does any one if Sympa supports SAML authentication in wwsympa/web
> interface? I read some docs saying SAML is considered for the SOAP
> interface, but not sure if it already implemented.
>
> SAML can provide user profile too that includes the user email which is
> needed for Sympa. With CAS it can auth but not get user email id, so
> sympa relies on LDAP for it. But if Sympa supports SAML it can do auth
> and also get user profile.
>
> Any direction on it is appreciated.

It is documented here:
http://www.sympa.org/manual_6.1/authentication#setting_up_a_shibboleth-enabled_sympa_server

Shibboleth login (SSO: single sign on) works for me, it passes the email 
addresses just fine. The only thing I couldn't figure out is how to set 
up single logout (SLO) if some of your users use SAML login/logout, some 
regular login/logout. If anyone knows how to do that, I'd be interested 
to know.

                                        Yours: Laszlo
> Thanks,
> Venkat
>
>  > Date: Tue, 12 Mar 2013 16:11:52 +0100
>  > From: address@concealed
>  > To: address@concealed
>  > CC: address@concealed; address@concealed
>  > Subject: Re: [sympa-users] [sympa-dev] WWSYMPA.CGI problem
>  >
>  > Hello,
>  >
>  > i got 12.04.02 ubuntu precise
>  >
>  > with getent passwd i got the uid of the apache user , with getent group
>  > i got the gid of the users group.
>  >
>  > i had to edit
>  > vi /usr/sbin/apache2ctl
>  >
>  > : line 110 install -d -o ${APACHE_RUN_USER:-sympa}
>  >
>  > vi /etc/apache2/envvars
>  >
>  > : export APACHE_RUN_USER=sympa
>  > : export APACHE_RUN_GROUP=sympa
>  >
>  > then give any apache (www-data ) owned file to sympa uid/group
>  > cd /
>  > find . -uid 33 -exec chown sympa {} \;
>  > find . -gid 33 -exec chgrp sympa {} \;
>  >
>  > i got fastcgi not fcgi mod:
>  >
>  > vi /etc/apache2/mods-enabled/fastcgi.conf
>  > : AddHandler fastcgi-script .fcgi
>  >
>  > relevant vhost config:
>  > ScriptAlias /sympa /var/www/listen/cgi-bin/wwsympa.fcgi (owned by sympa)
>  > ScriptAlias /sympahome /home/sympa/bin
>  > ScriptAlias /cgi-bin/ /var/www/listen/cgi-bin/
>  >
>  > Alias /wwsicons /home/sympa/static_content/icons
>  > Alias /wws /var/www/listen/cgi-bin/wwsympa-wrapper.fcgi
>  > Alias /static-sympa /home/sympa/static_content
>  >
>  > i guess its not relevant, but
>  > var/www/listen/cgi-bin/wwsympa-wrapper.fcgi content is:
>  >
>  > #!/bin/bash
>  > # Path to your real wwsympa.fcgi
>  > exec /home/sympa/bin/wwsympa.fcgi
>  >
>  > owned by root
>  >
>  >
>  > my sympa version is latest from the webpage, patched for certificates.
>  >
>  >
>  >