From: 刘洪青 Date: Thu, 25 Nov 2021 02:04:52 +0000 (+0800) Subject: docs: cas-server-site,新增配置项 X-Git-Url: https://source.supwisdom.com/gerrit/gitweb?a=commitdiff_plain;h=bbee39bba028353e574a3011b19cc0c698c8fe73;p=institute%2Fdeploy-authx-service.git docs: cas-server-site,新增配置项 --- diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml index 6826c26..aee638a 100644 --- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml +++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml @@ -1,5 +1,20 @@ # cas-server-site-webapp.yaml +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + namespace: cas-server + name: cas-server-site-webapp-saml-pvc +spec: + accessModes: + - ReadWriteMany + # 根据情况修改 + storageClassName: nfs-client + resources: + requests: + storage: 1Gi + --- apiVersion: v1 kind: ConfigMap @@ -56,6 +71,29 @@ data: CAS_AUTHN_ACCEPT_USERS: "" + ## + # SAML IdP + # + CAS_AUTHN_SAML_IDP_ENTITY_ID: https://cas.paas.xxx.edu.cn/cas/idp + CAS_AUTHN_SAML_IDP_SCOPE: cas.paas.xxx.edu.cn + + ## + # SAML Metadata + # + CAS_AUTHN_SAML_IDP_METADATA_LOCATION: file:/etc/cas/saml + + + ## + # OAuth2 + # + CAS_AUTHN_OAUTH_REFRESH_TOKEN_TIME_TO_KILL_IN_SECONDS: "2592000" + + CAS_AUTHN_OAUTH_CODE_TIME_TO_KILL_IN_SECONDS: "30" + + CAS_AUTHN_OAUTH_ACCESS_TOKEN_MAX_TIME_TO_LIVE_IN_SECONDS: "28800" + CAS_AUTHN_OAUTH_ACCESS_TOKEN_TIME_TO_KILL_IN_SECONDS: "7200" + + ## 配置第三方认证的相关参数 CASSERVER_FEDERATION_QQ_ENABLED: "true" CASSERVER_FEDERATION_QQ_NAME: QQ @@ -281,6 +319,15 @@ spec: timeoutSeconds: 5 successThreshold: 1 failureThreshold: 10 + volumeMounts: + - mountPath: /etc/cas/saml + name: saml-metadata + volumes: + # - name: saml-metadata + # emptyDir: {} + - name: saml-metadata + persistentVolumeClaim: + claimName: cas-server-site-webapp-saml-pvc imagePullSecrets: - name: harbor-registry