Help

Question about integrating sso with docker

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
AidenZ
Member II
‎26 May 2022 8:03 AM

Question about integrating sso with docker

hello all,

Due to business needs, I need modules to integrate sso.

But after I followed the tutorial to generate my-saml.keystore file, and made file placement and configuration changes, strange info appeared.

Prompt "SAML key store must have one alias" and "Missing SAML key for SP share".

Below is my directory structure:

├── alfresco
│   ├── Dockerfile
│   └── modules
│       ├── amps
│       │   ├── alfresco
│       │   │   └── extension
│       │   │       └── subsystems
│       │   │           └── SAML
│       │   │               ├── repository
│       │   │               │   ├── aos
│       │   │               │   │   └── my-custom-aos-sp.properties.sample
│       │   │               │   └── rest-api
│       │   │               │       └── my-custom-rest-api-sp.properties.sample
│       │   │               └── share
│       │   │                   └── share
│       │   │                       └── my-custom-share-sp.properties.sample
│       │   ├── alfresco-global.properties.sample
│       │   ├── alfresco-s3-connector-5.0.0.amp
│       │   ├── alfresco-saml-repo-1.2.2.amp
│       │   ├── alfresco-saml-share-1.2.2.amp
│       │   ├── empty
│       │   ├── javascript-console-repo-0.7-SNAPSHOT.amp
│       │   ├── README.txt
│       │   └── share-config-custom.xml.sample
│       └── jars
│           └── empty
├── config
│   └── nginx.conf
├── data
│   ├── alf-repo-data
│   │   ├── cachedcontent
│   │   └── contentstore.deleted
│   ├── postgres-data [error opening dir]
│   └── solr-data
├── docker-compose.yml
├── keystores
│   ├── alfresco
│   │   └── my-saml.keystore
│   └── my-saml.keystore
├── logs
│   ├── alfresco
│   └── postgres
├── my-saml.keystore
└── search
    └── Dockerfile

Below is my docker configuration:

alfresco:
        build:
          context: ./alfresco
          args:
            ALFRESCO_TAG: 7.2.0
            DB: postgres
            SOLR_COMMS: secret 
        mem_limit: 1900m
        depends_on: 
            - postgres
        environment:
            JAVA_TOOL_OPTIONS: " 
                -Dencryption.keystore.type=JCEKS 
                -Dencryption.cipherAlgorithm=DESede/CBC/PKCS5Padding 
                -Dencryption.keyAlgorithm=DESede 
                -Dencryption.keystore.location=/usr/local/tomcat/shared/classes/alfresco/extension/keystore/keystore 
                -Dmetadata-keystore.password=mp6yc0UD9e 
                -Dmetadata-keystore.aliases=metadata 
                -Dmetadata-keystore.metadata.password=oKIWzVdEdA 
                -Dmetadata-keystore.metadata.algorithm=DESede 
                -Dsaml-keystore.aliases=my-saml-key
                -Dsaml-keystore.password=password_AES 
                -Dsaml-keystore.my-saml-key.password=password_AES 
                -Dsaml-keystore.my-saml-key.algorithm=AES
                -Dsaml.keystore.location=/usr/local/tomcat/keystore 
                "
            JAVA_OPTS: "
                -Ddb.username=alfresco
                -Ddb.password=alfresco
                -Ddb.driver=org.postgresql.Driver
                -Ddb.url=jdbc:postgresql://postgres:5432/alfresco
                -Dsolr.host=solr6
                -Dsolr.port=8983
                -Dsolr.secureComms=secret
                -Dsolr.sharedSecret=secret
                -Dsolr.base.url=/solr
                -Dindex.subsystem.name=solr6
                -Dshare.host=127.0.0.1
                -Dshare.port=8080
                -Dalfresco.host=localhost
                -Dalfresco.port=8080
                -Daos.baseUrlOverwrite=http://localhost:8080/alfresco/aos
                -Dmessaging.broker.url=
                -Dmessaging.broker.username=
                -Dmessaging.broker.password=
                -Ddeployment.method=DOCKER_COMPOSE
                -Dtransform.service.enabled=true
                -Dtransform.service.url=http://transform-router:8095
                -Dsfs.url=http://shared-file-store:8099/
                -DlocalTransform.core-aio.url=http://transform-core-aio:8090/
                -Dcsrf.filter.enabled=false
                -Ddsync.service.uris=http://localhost:9090/alfresco
                -DtrialUid=id18904771
                -XX:MinRAMPercentage=50
                -XX:MaxRAMPercentage=80
                -Ds3.bucketName=
                -Ds3.bucketLocation=
                -Ddir.s3.contentstore=/usr/local/tomcat/alf_data/contentstore
                -Ddir.s3.contentstore.deleted=/usr/local/tomcat/alf_data/contentstore.deleted
                -Dfilecontentstore.subsystem.name=S3
                "
        volumes: 
            - ./data/alf-repo-data:/usr/local/tomcat/alf_data
            - ./logs/alfresco:/usr/local/tomcat/logs   
            - ./keystores/alfresco:/usr/local/tomcat/keystore

info:

alfresco_1            | 2022-05-25 04:09:23,712  INFO  [management.subsystems.ChildApplicationContextFactory] [main] Starting 'SAML' subsystem, ID: [SAML, managed, share]
alfresco_1            | 2022-05-25 04:09:27,433  WARN  [saml.core.SAMLCredentialResolverDelegate] [main] SAML key store must have one alias.
alfresco_1            | 2022-05-25 04:09:27,433  WARN  [saml.sp.AbstractSAMLSPConfigAdminService] [main] Missing SAML key for SP share
alfresco_1            | 2022-05-25 04:09:27,434  INFO  [management.subsystems.ChildApplicationContextFactory] [main] Startup of 'SAML' subsystem, ID: [SAML, managed, share] complete
alfresco_1            | 2022-05-25 04:09:27,434  INFO  [management.subsystems.ChildApplicationContextFactory] [main] Starting 'SAML' subsystem, ID: [SAML, managed, rest-api]
alfresco_1            | 2022-05-25 04:09:27,680  WARN  [saml.core.SAMLCredentialResolverDelegate] [main] SAML key store must have one alias.
alfresco_1            | 2022-05-25 04:09:27,680  WARN  [saml.sp.AbstractSAMLSPConfigAdminService] [main] Missing SAML key for SP rest-api
alfresco_1            | 2022-05-25 04:09:27,680  INFO  [management.subsystems.ChildApplicationContextFactory] [main] Startup of 'SAML' subsystem, ID: [SAML, managed, rest-api] complete
alfresco_1            | 2022-05-25 04:09:27,682  INFO  [management.subsystems.ChildApplicationContextFactory] [main] Starting 'SAML' subsystem, ID: [SAML, managed, aos]

May I ask if I have a configuration error or the file is in the wrong place.

Labels
0 Kudos
Alfresco Content Services: Add-ons

Add-ons is the place to find extensions, Alfresco customizations and related projects for your installation.

We use cookies on this site to enhance your user experience

By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods).   If you are not ok with these terms, please do not use this website.