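# Maverics gateway configuration: Azure SAML sign-in in front of EBS, with a
# LoadAttrs extension that obtains an EBS session from the EBS asserter.
# NOTE(review): the nesting below was reconstructed from a listing that had lost
# its line breaks; confirm the placement of `idps` against the Maverics schema.
# Several values (listen port, certificate paths, tenant/app ids, asserter host)
# are blank in this listing.
version: 0.1
listenAddress: ":"

logger:
  timeFormat: "kitchen"

tls:
  maverics:
    certFile: certs/
    keyFile: certs/

appgateways:
  - name: ebs-asserter
    idps:
      - name: azure
        type: azure
        authType: saml
        samlMetadataURL: https://login.microsoftonline.com//federationmetadata/2007-06/federationmetadata.xml?appid=
        samlConsumerServiceURL: https://maverics.example.com:8443/azure-acs
        samlEntityID: http://customappsso/
    location: /
    policies:
      - location: /
        authentication:
          idps:
            - azure
        loadAttrs:
          funcName: LoadAttrs
          code: |+
            import (
                "encoding/json"
                "fmt"
                "net/http"
                "net/url"
                "time"

                "maverics"
                "maverics/log"
                "maverics/session"
            )

            // LoadAttrs obtains an EBS session for the Azure-authenticated user.
            //
            // When the Maverics session holds no "ebs.session" value, it posts
            // the user's name to the EBS asserter, stores the returned session
            // ID, sets the EBSDB cookie and redirects to the EBS home page.
            // When a value is already stored it does nothing. It returns an
            // error if the user name is missing, the asserter cannot be
            // reached, or the response carries an error or no session ID.
            func LoadAttrs(ag *maverics.AppGateway, rw http.ResponseWriter, req *http.Request) error {
                log.Info("msg", "fetch EBS session")
                if session.GetString(req, "ebs.session") != "" {
                    return nil
                }

                // The EBS session must be requested for the user Azure
                // authenticated. Overriding this with a fixed account name
                // would hand every signed-in user a session for that account.
                username := session.GetString(req, "azure.name")
                if username == "" {
                    log.Error("msg", "Error: azure.name is empty, refusing to request an EBS session")
                    return fmt.Errorf("azure.name is empty")
                }

                // NOTE(review): this call is plain HTTP (the host is blank in
                // this listing) and sends only a username; the session ID
                // comes back over the same channel. Presumably the asserter
                // trusts any caller - confirm it is reachable only from this
                // gateway and move the call to HTTPS.
                formData := url.Values{
                    "username": {username},
                }
                // Bounded wait: http.PostForm uses the default client, which
                // has no timeout and would stall the request if the asserter hangs.
                client := &http.Client{Timeout: 10 * time.Second}
                resp, err := client.PostForm("http:///MavericsEBSAsserter/", formData)
                if err != nil {
                    log.Info("msg", "Error: " + err.Error())
                    return err
                }
                defer resp.Body.Close()
                log.Info("msg", "response received: " + resp.Status)

                // Read the session from the json results
                var result map[string]interface{}
                if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {
                    log.Error("msg", "Error decoding asserter response: " + err.Error())
                    return err
                }
                if asserterErr := result["error"]; asserterErr != nil {
                    // Fail the request rather than continuing without an EBS session.
                    log.Error("msg", fmt.Sprintf("Error received: %v", asserterErr))
                    return fmt.Errorf("asserter returned an error: %v", asserterErr)
                }

                // Checked assertion: a missing or non-string sessionID must
                // not panic the extension.
                ebssession, ok := result["sessionID"].(string)
                if !ok || ebssession == "" {
                    log.Error("msg", "Error: asserter response has no sessionID")
                    return fmt.Errorf("asserter response has no sessionID")
                }
                // The session ID is a credential; keep its value out of the logs.
                log.Info("msg", "Found EBS session")
                session.Set(req, "ebs.session", ebssession)

                // MaxAge < 0 makes net/http emit "Max-Age: 0", which deletes the
                // cookie. With MaxAge: 0 the attribute is omitted and the
                // apps.example.com cookie is only overwritten with an empty value.
                stale := http.Cookie{Name: "EBSDB", Value: "", MaxAge: -1, Domain: "apps.example.com"}
                http.SetCookie(rw, &stale)

                // NOTE(review): EBSDB carries the session but is set without
                // Secure or HttpOnly, and the redirect target below is http://.
                // Secure cannot be enabled until that hop is HTTPS; confirm
                // whether HttpOnly is compatible with the EBS pages.
                ebsCookie := http.Cookie{Name: "EBSDB", Value: ebssession, Domain: "example.com"}
                http.SetCookie(rw, &ebsCookie)

                // 302, not 301: a permanent redirect is cached by browsers, so
                // later visits would skip this gateway and never get a fresh session.
                http.Redirect(rw, req, "http://apps.example.com:8000/OA_HTML/OA.jsp?OAFunc=OANEWHOMEPAGE#", http.StatusFound)
                return nil
            }

        authorization:
          allowAll: true
      - resource: /sonar/accessdenied
        allowUnauthenticated: true
      - resource: /sonar/error
        allowUnauthenticated: true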