Question about integrating SSO with Docker

AidenZ
Member II

Hello all,

Due to business needs, I need modules to integrate SSO.

But after I followed the tutorial to generate the my-saml.keystore file, and made the file placement and configuration changes, strange info appeared.

The prompts are "SAML key store must have one alias" and "Missing SAML key for SP share".

Below is my directory structure:

├── alfresco
│   ├── Dockerfile
│   └── modules
│       ├── amps
│       │   ├── alfresco
│       │   │   └── extension
│       │   │       └── subsystems
│       │   │           └── SAML
│       │   │               ├── repository
│       │   │               │   ├── aos
│       │   │               │   │   └── my-custom-aos-sp.properties.sample
│       │   │               │   └── rest-api
│       │   │               │       └── my-custom-rest-api-sp.properties.sample
│       │   │               └── share
│       │   │                   └── share
│       │   │                       └── my-custom-share-sp.properties.sample
│       │   ├── alfresco-global.properties.sample
│       │   ├── alfresco-s3-connector-5.0.0.amp
│       │   ├── alfresco-saml-repo-1.2.2.amp
│       │   ├── alfresco-saml-share-1.2.2.amp
│       │   ├── empty
│       │   ├── javascript-console-repo-0.7-SNAPSHOT.amp
│       │   ├── README.txt
│       │   └── share-config-custom.xml.sample
│       └── jars
│           └── empty
├── config
│   └── nginx.conf
├── data
│   ├── alf-repo-data
│   │   ├── cachedcontent
│   │   └── contentstore.deleted
│   ├── postgres-data [error opening dir]
│   └── solr-data
├── docker-compose.yml
├── keystores
│   ├── alfresco
│   │   └── my-saml.keystore
│   └── my-saml.keystore
├── logs
│   ├── alfresco
│   └── postgres
├── my-saml.keystore
└── search
    └── Dockerfile

Below is my docker configuration:

alfresco:
        build:
          context: ./alfresco
          args:
            ALFRESCO_TAG: 7.2.0
            DB: postgres
            SOLR_COMMS: secret 
        mem_limit: 1900m
        depends_on: 
            - postgres
        environment:
            JAVA_TOOL_OPTIONS: " 
                -Dencryption.keystore.type=JCEKS 
                -Dencryption.cipherAlgorithm=DESede/CBC/PKCS5Padding 
                -Dencryption.keyAlgorithm=DESede 
                -Dencryption.keystore.location=/usr/local/tomcat/shared/classes/alfresco/extension/keystore/keystore 
                -Dmetadata-keystore.password=mp6yc0UD9e 
                -Dmetadata-keystore.aliases=metadata 
                -Dmetadata-keystore.metadata.password=oKIWzVdEdA 
                -Dmetadata-keystore.metadata.algorithm=DESede 
                -Dsaml-keystore.aliases=my-saml-key
                -Dsaml-keystore.password=password_AES 
                -Dsaml-keystore.my-saml-key.password=password_AES 
                -Dsaml-keystore.my-saml-key.algorithm=AES
                -Dsaml.keystore.location=/usr/local/tomcat/keystore 
                "
            JAVA_OPTS: "
                -Ddb.username=alfresco
                -Ddb.password=alfresco
                -Ddb.driver=org.postgresql.Driver
                -Ddb.url=jdbc:postgresql://postgres:5432/alfresco
                -Dsolr.host=solr6
                -Dsolr.port=8983
                -Dsolr.secureComms=secret
                -Dsolr.sharedSecret=secret
                -Dsolr.base.url=/solr
                -Dindex.subsystem.name=solr6
                -Dshare.host=127.0.0.1
                -Dshare.port=8080
                -Dalfresco.host=localhost
                -Dalfresco.port=8080
                -Daos.baseUrlOverwrite=http://localhost:8080/alfresco/aos
                -Dmessaging.broker.url=
                -Dmessaging.broker.username=
                -Dmessaging.broker.password=
                -Ddeployment.method=DOCKER_COMPOSE
                -Dtransform.service.enabled=true
                -Dtransform.service.url=http://transform-router:8095
                -Dsfs.url=http://shared-file-store:8099/
                -DlocalTransform.core-aio.url=http://transform-core-aio:8090/
                -Dcsrf.filter.enabled=false
                -Ddsync.service.uris=http://localhost:9090/alfresco
                -DtrialUid=id18904771
                -XX:MinRAMPercentage=50
                -XX:MaxRAMPercentage=80
                -Ds3.bucketName=
                -Ds3.bucketLocation=
                -Ddir.s3.contentstore=/usr/local/tomcat/alf_data/contentstore
                -Ddir.s3.contentstore.deleted=/usr/local/tomcat/alf_data/contentstore.deleted
                -Dfilecontentstore.subsystem.name=S3
                "
        volumes: 
            - ./data/alf-repo-data:/usr/local/tomcat/alf_data
            - ./logs/alfresco:/usr/local/tomcat/logs   
            - ./keystores/alfresco:/usr/local/tomcat/keystore 

info:

alfresco_1            | 2022-05-25 04:09:23,712  INFO  [management.subsystems.ChildApplicationContextFactory] [main] Starting 'SAML' subsystem, ID: [SAML, managed, share]
alfresco_1            | 2022-05-25 04:09:27,433  WARN  [saml.core.SAMLCredentialResolverDelegate] [main] SAML key store must have one alias.
alfresco_1            | 2022-05-25 04:09:27,433  WARN  [saml.sp.AbstractSAMLSPConfigAdminService] [main] Missing SAML key for SP share
alfresco_1            | 2022-05-25 04:09:27,434  INFO  [management.subsystems.ChildApplicationContextFactory] [main] Startup of 'SAML' subsystem, ID: [SAML, managed, share] complete
alfresco_1            | 2022-05-25 04:09:27,434  INFO  [management.subsystems.ChildApplicationContextFactory] [main] Starting 'SAML' subsystem, ID: [SAML, managed, rest-api]
alfresco_1            | 2022-05-25 04:09:27,680  WARN  [saml.core.SAMLCredentialResolverDelegate] [main] SAML key store must have one alias.
alfresco_1            | 2022-05-25 04:09:27,680  WARN  [saml.sp.AbstractSAMLSPConfigAdminService] [main] Missing SAML key for SP rest-api
alfresco_1            | 2022-05-25 04:09:27,680  INFO  [management.subsystems.ChildApplicationContextFactory] [main] Startup of 'SAML' subsystem, ID: [SAML, managed, rest-api] complete
alfresco_1            | 2022-05-25 04:09:27,682  INFO  [management.subsystems.ChildApplicationContextFactory] [main] Starting 'SAML' subsystem, ID: [SAML, managed, aos]

May I ask whether I have a configuration error or the file is in the wrong place?
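
A configuration check for the setup posted above, added here as an example and not part of the original post or of Alfresco's own code: it resolves saml.keystore.location through the compose bind mounts and reports whether it lands on a keystore file or on a directory, and whether each listed alias has its password and algorithm properties. It assumes the location property is meant to name the keystore file itself; the function names are hypothetical and the temporary directory tree is constructed to mirror ./keystores/alfresco.

```python
import os
import re
import tempfile

def parse_d_options(opts):
    """Return {name: value} for every -Dname=value token in a JVM options string."""
    return dict(re.findall(r"-D([^\s=]+)=(\S*)", opts))

def to_host_path(container_path, volumes, base_dir):
    """Map a container path to the host through 'host:container' bind mounts."""
    for spec in volumes:
        host, target = (p.rstrip("/") for p in spec.strip().split(":")[:2])
        if container_path == target or container_path.startswith(target + "/"):
            rel = container_path[len(target):].lstrip("/")
            return os.path.normpath(os.path.join(base_dir, host, rel))
    return None

def check_saml_keystore(opts, volumes, base_dir):
    """Return a list of findings; an empty list means every check passed."""
    props, findings = parse_d_options(opts), []
    location = props.get("saml.keystore.location")
    if location is None:
        return ["saml.keystore.location is not set"]
    host_path = to_host_path(location, volumes, base_dir)
    if host_path is None:
        findings.append(f"{location} is not covered by any bind mount")
    elif os.path.isdir(host_path):
        findings.append(f"{location} is a directory holding {sorted(os.listdir(host_path))}")
    elif not os.path.isfile(host_path):
        findings.append(f"{location} does not exist on the host")
    for alias in filter(None, props.get("saml-keystore.aliases", "").split(",")):
        for suffix in ("password", "algorithm"):
            if f"saml-keystore.{alias}.{suffix}" not in props:
                findings.append(f"alias {alias} has no {suffix} property")
    return findings

# Option values and the volume line are copied from the post; the temp tree is
# constructed (assumption: the location should name the keystore file itself).
POSTED_OPTS = """-Dsaml-keystore.aliases=my-saml-key
  -Dsaml-keystore.password=password_AES
  -Dsaml-keystore.my-saml-key.password=password_AES
  -Dsaml-keystore.my-saml-key.algorithm=AES
  -Dsaml.keystore.location=/usr/local/tomcat/keystore"""
POSTED_VOLUMES = ["./keystores/alfresco:/usr/local/tomcat/keystore"]

def demo():
    with tempfile.TemporaryDirectory() as base:
        os.makedirs(os.path.join(base, "keystores", "alfresco"))
        open(os.path.join(base, "keystores", "alfresco", "my-saml.keystore"), "wb").close()
        return check_saml_keystore(POSTED_OPTS, POSTED_VOLUMES, base)
```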