I've made a docker image with the mandatory plugins, configured the django3_saml2_nbplugin :
plugins: ['django3_saml_nbplugin']
pluginsConfig: {
'django3_saml2_nbplugin': {
'AUTHENTICATION_BACKEND': REMOTE_AUTH_BACKEND,
'ASSERTION_URL': 'https://netbox.***.***.***cloud',
'ENTITY_ID': 'https://netbox.***.***.***cloud/',
'METADATA_LOCAL_FILE_PATH': '/opt/netbox/metadata.xml',
'CUSTOM_ATTR_BACKEND': {
# Attribute containing the username. Optional.
'USERNAME_ATTR': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress',
# Attribute containing the user's email. Optional.
'MAIL_ATTR': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress',
# Attribute containing the user's first name. Optional.
'FIRST_NAME_ATTR': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname',
# Attribute containing the user's last name. Optional.
'LAST_NAME_ATTR': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname',
# Set to True to always update the user on logon
# from SAML attributes on logon. Defaults to False.
'ALWAYS_UPDATE_USER': False,
# Attribute that contains groups. Optional.
'GROUP_ATTR': 'http://schemas.microsoft.com/ws/2008/06/identity/claims/groups',
# Dict of user flags to groups.
# If the user is in the group then the flag will be set to True. Optional.
'FLAGS_BY_GROUP': {
'is_staff': 'saml-group1',
'is_superuser': 'saml-group2'
},
# Dict of SAML groups to NetBox groups. Optional.
# Groups must be created beforehand in NetBox.
'GROUP_MAPPINGS': {
'saml-group3': 'netbox-group'
}
}
}
}
I've also added the 'SSO Login button' on the home page, once I click it it loops on login page again with a slightly modified url:
1st Login:
https://netbox**..*.cloud/login/*
Once i've clicked on the SSO button, it'goes to the SAML provider, then it loops back to the login page with this URL:
https://netbox...cloud/login/?next=/sso/acs/
When, I change I append /api/plugins/
It seems that the SAML request is received by SAML provider as it should.
Also, when I connect to netbox using the static admin account, I can see this:
Anyone has ever tried this SAML configuration using this HELM chart ? I'am using a netboxcommunity/netbox:latest docker image that i've modified to copy the metadata file and the needed plugin, but it remains the same image after all.
Hi,
I'am using a HELM chart (provided here: https://github.com/bootc/netbox-chart) to deploy Netbox on Kubernetes. For the rremoteAuth configuration:
I've made a docker image with the mandatory plugins, configured the django3_saml2_nbplugin :
I've also added the 'SSO Login button' on the home page, once I click it it loops on login page again with a slightly modified url: 1st Login: https://netbox**..*.cloud/login/* Once i've clicked on the SSO button, it'goes to the SAML provider, then it loops back to the login page with this URL: https://netbox...cloud/login/?next=/sso/acs/
When, I change I append /api/plugins/
It seems that the SAML request is received by SAML provider as it should.
Also, when I connect to netbox using the static admin account, I can see this:
Anyone has ever tried this SAML configuration using this HELM chart ? I'am using a netboxcommunity/netbox:latest docker image that i've modified to copy the metadata file and the needed plugin, but it remains the same image after all.