52 lines
1.5 KiB
Markdown
52 lines
1.5 KiB
Markdown
# SSO Configuration for KMS Testing
|
|
|
|
This directory contains configuration files for testing SSO integration with the KMS application.
|
|
|
|
## Directory Structure
|
|
|
|
```
|
|
sso-config/
|
|
├── keycloak/
|
|
│ └── kms-realm.json # Keycloak realm configuration
|
|
└── README.md # This file
|
|
```
|
|
|
|
## Test Users
|
|
|
|
The following test users are configured in both identity providers:
|
|
|
|
| Email | Password | Permissions | Description |
|
|
|-------|----------|-------------|-------------|
|
|
| admin@example.com | admin123 | internal.* | Full administrative access |
|
|
| test@example.com | test123 | app.read, token.read | Standard user access |
|
|
| limited@example.com | limited123 | repo.read | Limited access user |
|
|
|
|
## Keycloak Configuration
|
|
|
|
- **Admin Console**: http://localhost:8090
|
|
- **Admin Credentials**: admin / admin
|
|
- **Realm**: kms
|
|
- **Client ID**: kms-api
|
|
- **Client Secret**: kms-client-secret
|
|
|
|
### Key Features:
|
|
- Pre-configured realm with test users
|
|
- OpenID Connect protocol support
|
|
- Custom attribute mapping for permissions
|
|
- Proper redirect URIs for local development
|
|
|
|
## SimpleSAMLphp Configuration
|
|
|
|
- **Admin Console**: http://localhost:8091/simplesaml
|
|
- **Admin Credentials**: admin / secret
|
|
- **Test Users**: user1 / user1pass, user2 / user2pass
|
|
|
|
### Key Features:
|
|
- SAML 2.0 Identity Provider
|
|
- Pre-configured service provider settings
|
|
- Test certificates (DO NOT use in production)
|
|
- Metadata endpoint available
|
|
|
|
## Usage
|
|
|
|
See the main CLAUDE.md file for detailed usage instructions. |