mirror of
https://github.com/bringout/oca-server-auth.git
synced 2026-04-18 16:52:03 +02:00
Initial commit: OCA Server Auth packages (29 packages)
This commit is contained in:
Ernad Husremovic
commit
3ed80311c4
1325 changed files with 127292 additions and 0 deletions
178
odoo-bringout-oca-server-auth-auth_saml/auth_saml/README.rst
Normal file
178
odoo-bringout-oca-server-auth-auth_saml/auth_saml/README.rst
Normal file
|
|
@ -0,0 +1,178 @@
|
|||
====================
|
||||
SAML2 Authentication
|
||||
====================
|
||||
|
||||
..
|
||||
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
!! This file is generated by oca-gen-addon-readme !!
|
||||
!! changes will be overwritten. !!
|
||||
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
!! source digest: sha256:5aa0ecfdde2bcc32865c5da17331096cb58254161938b36003e6f0baf825107c
|
||||
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
|
||||
.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
|
||||
:target: https://odoo-community.org/page/development-status
|
||||
:alt: Beta
|
||||
.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
|
||||
:target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
|
||||
:alt: License: AGPL-3
|
||||
.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github
|
||||
:target: https://github.com/OCA/server-auth/tree/16.0/auth_saml
|
||||
:alt: OCA/server-auth
|
||||
.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
|
||||
:target: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-auth_saml
|
||||
:alt: Translate me on Weblate
|
||||
.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
|
||||
:target: https://runboat.odoo-community.org/builds?repo=OCA/server-auth&target_branch=16.0
|
||||
:alt: Try me on Runboat
|
||||
|
||||
|badge1| |badge2| |badge3| |badge4| |badge5|
|
||||
|
||||
Let users log into Odoo via an SAML2 identity provider.
|
||||
|
||||
This module allows to deport the management of users and passwords in an
|
||||
external authentication system to provide SSO functionality (Single Sign On)
|
||||
between Odoo and other applications of your ecosystem.
|
||||
|
||||
**Benefits**:
|
||||
|
||||
* Reducing the time spent typing different passwords for different accounts.
|
||||
|
||||
* Reducing the time spent in IT support for password oversights.
|
||||
|
||||
* Centralizing authentication systems.
|
||||
|
||||
* Securing all input levels / exit / access to multiple systems without
|
||||
prompting users.
|
||||
|
||||
* The centralization of access control information for compliance testing to
|
||||
different standards.
|
||||
|
||||
**Table of contents**
|
||||
|
||||
.. contents::
|
||||
:local:
|
||||
|
||||
Installation
|
||||
============
|
||||
|
||||
This addon requires the python module ``pysaml2``.
|
||||
|
||||
``pysaml2`` requires the binary ``xmlsec1`` (on Debian or Ubuntu you can install it with ``apt-get install xmlsec1``)
|
||||
|
||||
Configuration
|
||||
=============
|
||||
|
||||
To use this module, you need an IDP server, properly set up.
|
||||
|
||||
#. Configure the module according to your IdP’s instructions
|
||||
(Settings > Users & Companies > SAML Providers).
|
||||
#. Pre-create your users and set the SAML information against the user.
|
||||
|
||||
By default, the module let users have both a password and SAML ids.
|
||||
To increase security, disable passwords by using the option in Settings.
|
||||
Note that the admin account can still have a password, even if the option is activated.
|
||||
Setting the option immediately remove all password from users with a configured SAML ids.
|
||||
|
||||
If all the users have a SAML id in a single provider, you can set automatic redirection
|
||||
in the provider settings. The autoredirection will only be done on the active provider
|
||||
with the highest priority. It is still possible to access the login without redirection
|
||||
by using the query parameter ``disable_autoredirect``, as in
|
||||
``https://example.com/web/login?disable_autoredirect=`` The login is also displayed if
|
||||
there is an error with SAML login, in order to display any error message.
|
||||
|
||||
If you are using Office365 as identity provider, set up the federation metadata document
|
||||
rather than the document itself. This will allow the module to refresh the document when
|
||||
needed.
|
||||
|
||||
Usage
|
||||
=====
|
||||
|
||||
Users can login with the configured SAML IdP with buttons added in the login screen.
|
||||
|
||||
Known issues / Roadmap
|
||||
======================
|
||||
|
||||
* clean up ``auth_saml.request``
|
||||
|
||||
Changelog
|
||||
=========
|
||||
|
||||
16.0.1.2.1 (2025-05-13)
|
||||
~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
**Bugfixes**
|
||||
|
||||
- Avoid redirecting when there is a SAML error. ()
|
||||
|
||||
|
||||
16.0.1.0.0
|
||||
~~~~~~~~~~
|
||||
|
||||
Initial migration for 16.0.
|
||||
|
||||
Bug Tracker
|
||||
===========
|
||||
|
||||
Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_.
|
||||
In case of trouble, please check there if your issue has already been reported.
|
||||
If you spotted it first, help us to smash it by providing a detailed and welcomed
|
||||
`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20auth_saml%0Aversion:%2016.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
|
||||
|
||||
Do not contact contributors directly about support or help with technical issues.
|
||||
|
||||
Credits
|
||||
=======
|
||||
|
||||
Authors
|
||||
~~~~~~~
|
||||
|
||||
* XCG Consulting
|
||||
|
||||
Contributors
|
||||
~~~~~~~~~~~~
|
||||
|
||||
* `XCG Consulting <https://xcg-consulting.fr/>`__:
|
||||
|
||||
* Florent Aide <florent.aide@xcg-consulting.fr>
|
||||
* Vincent Hatakeyama <vincent.hatakeyama@xcg-consulting.fr>
|
||||
* Alexandre Brun
|
||||
* Houzéfa Abbasbhay <houzefa.abba@xcg-consulting.fr>
|
||||
* Szeka Wong <szeka.wong@xcg-consulting.fr>
|
||||
* Jeremy Co Kim Len <jeremy.cokimlen@vinci-concessions.com>
|
||||
* Jeffery Chen Fan <jeffery9@gmail.com>
|
||||
* Bhavesh Odedra <bodedra@opensourceintegrators.com>
|
||||
* `Tecnativa <https://www.tecnativa.com/>`__:
|
||||
|
||||
* Jairo Llopis
|
||||
* `GlodoUK <https://www.glodo.uk/>`__:
|
||||
|
||||
* Karl Southern
|
||||
* `TAKOBI <https://takobi.online/>`__:
|
||||
|
||||
* Lorenzo Battistini
|
||||
|
||||
Maintainers
|
||||
~~~~~~~~~~~
|
||||
|
||||
This module is maintained by the OCA.
|
||||
|
||||
.. image:: https://odoo-community.org/logo.png
|
||||
:alt: Odoo Community Association
|
||||
:target: https://odoo-community.org
|
||||
|
||||
OCA, or the Odoo Community Association, is a nonprofit organization whose
|
||||
mission is to support the collaborative development of Odoo features and
|
||||
promote its widespread use.
|
||||
|
||||
.. |maintainer-vincent-hatakeyama| image:: https://github.com/vincent-hatakeyama.png?size=40px
|
||||
:target: https://github.com/vincent-hatakeyama
|
||||
:alt: vincent-hatakeyama
|
||||
|
||||
Current `maintainer <https://odoo-community.org/page/maintainer-role>`__:
|
||||
|
||||
|maintainer-vincent-hatakeyama|
|
||||
|
||||
This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/16.0/auth_saml>`_ project on GitHub.
|
||||
|
||||
You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
|
||||
Loading…
Add table
Add a link
Reference in a new issue