From 5a74719505507a19cc7cf71abb1c738cb84a1b78 Mon Sep 17 00:00:00 2001 From: Daniel Pan Date: Tue, 21 Oct 2025 15:06:25 +0800 Subject: [PATCH] Update saml2_in_10.0.md --- manual/config/saml2_in_10.0.md | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) diff --git a/manual/config/saml2_in_10.0.md b/manual/config/saml2_in_10.0.md index 7c37837c..fc0344b1 100644 --- a/manual/config/saml2_in_10.0.md +++ b/manual/config/saml2_in_10.0.md @@ -63,7 +63,7 @@ If you use Microsoft Azure SAML app to achieve single sign-on, please follow the ![](../images/auto-upload/0a693563-d511-4c3c-ac30-82a26d10cfab.png) -and put it under the certs directory(`/opt/seafile/seahub-data/certs`). +and put it under the certs directory(`/opt/seafile-data/seafile/seahub-data/certs`). **Next**, copy the metadata URL of the SAML app: @@ -103,11 +103,6 @@ SAML_REMOTE_METADATA_URL = 'https://login.microsoftonline.com/xxx/federationmeta $ which xmlsec1 ``` - - If certificates are **not placed in** `/opt/seafile/seahub-data/certs`, you need to add the following configuration in seahub_settings.py: - - ```python - SAML_CERTS_DIR = '/path/to/certs' - ``` **Finally**, open the browser and enter the Seafile login page, click `Single Sign-On`, and use the user assigned to SAML app to perform a SAML login test. @@ -206,14 +201,13 @@ SAML_REMOTE_METADATA_URL = 'https://temp.adfs.com/federationmetadata/2007-06/fed ### Example 3: Keycloak SAML 2.0 + In this part, we use Keycloak SAML single sign-on app to show how Seafile integrate SAML 2.0. +We assume Seafile is deployed at `https://demo.seafile.top`. + #### Keycloak SAML single sign-on app -If you use Keycloak SAML app to achieve single sign-on, please follow the steps below: - -The test domain name here is exemplified by `https://demo.seafile.top`. - **First**, Create a new Client: * Client type: Choose `SAML`; @@ -285,7 +279,6 @@ SAML_ATTRIBUTE_MAPPING = { 'mail': ('contact_email', ), } - ``` **Finally**, open the browser and enter the Seafile login page, click Single Sign-On, and use the user assigned to SAML app to perform a SAML login test.