Versions Compared

Version Old Version 1 New Version 2
Changes made by

Pooja Gupta (Unlicensed)

Pooja Gupta (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

1

Key

Description

2

entityId:

Identifier (Entity ID) for your SMAL configuration

3

appId:

copy app id from App Federation Metadata Url

4

metadataUrl:

App Federation Metadata Url

5

metdataFilePath :

Download SAML Signing Certificate from sso provider site and store it in INSIGHTS_HOME

6

keyStoreFilePath:

path of certificae like saml-keystore.jks, Download this certificate from your sso provider URL 

7

keyAlias:

saml-keystore.jks username

8

keyPass:

saml-keystore.jks password

9

keyStorePass :

saml-keystore.jks password

10

appBaseUrl :

Application service Host URL https://<HostOrDomainName>/PlatformService

11

relayStateUrl :

SSO login UI page URL https://<HostOrDomainName>/app/#/ssologin

12

defaultTargetUrl :

Application user authenticate url https://<HostOrDomainName>/user/authenticate

13

postLogoutURL :

SAML or SSO provider logout URL, Example value https://login.microsoftonline.com/common/wsfederation?wa=wsignout1.0

14

tokenSigningKey:

This is use as secrete key to sign JWT token,It should be 128 character ,Example value:"insights_IDP_CogDevops_SSO_Token_string"

7. We need to download SAML Signing Certificate from sso provider site and import it in your application ssl   certificate file using following command

keytool -importcert -file certificate.cer -keystore keystore.jks -alias "Alias"

Where certificate.cer file received from sso provider and keystore.jks is Insights certificate file

8. Add application host name in insightsServiceURL in server-config.json

9. Add host information in  trustedHosts in server-config.json

10. Restart Apache Tomcat and

11. Call URL https://<HostOrDomainName>//app

12 Login with your organization credential

Disable SSO

  1. Mark “enableSSO” as false in server-config.json

  2. Mark “ssoEnabled” as false in uiConfig.json

  3. Open grafana default.ini file and disable in [auth.proxy] section and make sure that [auth.basic] enabled 

  4. Remove following in Apache Httpd vhost file Apache24\conf\extra\httpd-vhosts.conf

SetEnvIf Cookie "(^|;\ *)username=([^;\ ]+)" MyCookieValue=$2
RequestHeader set X-WEBAUTH-USER "%{MyCookieValue}e"

5.Restart Apache httpd server and Grafana

6.Restart Apache Tomcat