We’d like to have a go using Otter Wiki, but rather than having yet more usernames and passwords, we would like to integrate this into the Raven authentication system. There is guide on using SAML2 with Apache
The steps are:
- Start the provided container.
- Visit http://your-container/Shibboleth.sso/Metadata and download the
Metadata. - Go to https://metadata.raven.cam.ac.uk and create a new site by pasting in the metadata.
- Wait one minute and try to connect to http://your-container
Otter Wiki, when started with the environment variable AUTH_METHOD=PROXY_HEADER, reads HTTP header fields x-otterwiki-name, x-otterwiki-email and x-otterwiki-permissions. See this example
Apache can be configured to set these header fields based upon the SAML user who is authenticated with Raven:
ShibUseEnvironment On
RequestHeader set x-otterwiki-name %{displayName}e
RequestHeader set x-otterwiki-email %{REMOTE_USER}s
RequestHeader set x-otterwiki-permissions "READ,WRITE,UPLOAD,ADMIN”
I have created a docker-compose.yml file, which incorporates Apache running as a reverse proxy, an Otter Wiki container and includes HTTPS support with a Let’s Encrypt certificate. The files are available on GitHub
The test site is https://otterwiki.tunbury.uk.