Revision as of 09:56, 14 July 2017

1 SAML Single Sign-On with Pandora FMS

SAML is an XML-based open standard for authentication and authorization. Pandora FMS Enterprise can act as a service provider with your internal SAML identity provider.

Administrators are always authenticated against the local database.

1.1 Configuring Pandora FMS

Go to Administration -> Setup -> Authentication and select SAML under Authentication method.

1.2 Configuring the service provider

Download [SimpleSamlphp] and install it in /opt/simplesamlphp/. Make sure the file /opt/simplesamlphp/lib/_autoload.php exists. Follow the [SimpleSAMLphp Service Provider QuickStart] guide and configure the service provider. You will need your identity provider's metadata.

1.3 Configuring your identity provider

Configure your identity provider to send the following attributes to the service provider:

eduPersonTargetedId: A unique user identifier.
commonName: The name of the user.
mail: The user's email.
schacHomeOrganization: The group the user belongs to. It must exist in your Pandora FMS Console.

1.4 Logging in

Navigate to your Pandora FMS Console and click on the Login button. You will be redirected to your identity provider.

After a successful login you will be redirected back to the Pandora FMS Console.

@@ Line 9: / Line 9: @@
 Go to ''Administration -> Setup -> Authentication'' and select ''SAML'' under ''Authentication method''.
-<br>
-<br>
 <center>
 [[image:Saml setup.png]]
 </center>
-<br>
-<br>
 == Configuring the service provider ==
@@ Line 33: / Line 29: @@
 Navigate to your Pandora FMS Console and click on the ''Login'' button. You will be redirected to your identity provider.
-<br>
-<br>
 <center>
 [[image:Saml idp.png|800px]]
 </center>
-<br>
-<br>
 After a successful login you will be redirected back to the Pandora FMS Console.

Navigation menu

Difference between revisions of "Pandora: Documentation en: saml"