docs: cas-server-site，新增配置项

commit: bbee39bba028353e574a3011b19cc0c698c8fe73 [log] [tgz]
author: 刘洪青 <hongqing.liu@supwisdom.com> 周四 11月 25 10:04:52 2021 +0800
committer: 刘洪青 <hongqing.liu@supwisdom.com> 周一 12月 27 13:02:19 2021 +0800
tree: 3f9cbb649720ee7883275e63218d0529758d6c07
parent: 61f18c2800ff0722864f05d7fb9e537b17b0a801 [diff]
diff --git a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml
index 6826c26..aee638a 100644
--- a/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml
+++ b/deploy-manifests/k8s-rancher/1.authx-service/4.cas-server/4.5.cas-server-site-webapp.yaml

@@ -2,6 +2,21 @@
 
 ---
 apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  namespace: cas-server
+  name: cas-server-site-webapp-saml-pvc
+spec:
+  accessModes:
+    - ReadWriteMany
+  # 根据情况修改
+  storageClassName: nfs-client
+  resources:
+    requests:
+      storage: 1Gi
+
+---
+apiVersion: v1
 kind: ConfigMap
 metadata:
   namespace: cas-server
@@ -56,6 +71,29 @@
   CAS_AUTHN_ACCEPT_USERS: ""
 
 
+  ##
+  # SAML IdP
+  #
+  CAS_AUTHN_SAML_IDP_ENTITY_ID: https://cas.paas.xxx.edu.cn/cas/idp
+  CAS_AUTHN_SAML_IDP_SCOPE: cas.paas.xxx.edu.cn
+
+  ##
+  # SAML Metadata
+  #
+  CAS_AUTHN_SAML_IDP_METADATA_LOCATION: file:/etc/cas/saml
+
+
+  ##
+  # OAuth2
+  #
+  CAS_AUTHN_OAUTH_REFRESH_TOKEN_TIME_TO_KILL_IN_SECONDS: "2592000"
+
+  CAS_AUTHN_OAUTH_CODE_TIME_TO_KILL_IN_SECONDS: "30"
+
+  CAS_AUTHN_OAUTH_ACCESS_TOKEN_MAX_TIME_TO_LIVE_IN_SECONDS: "28800"
+  CAS_AUTHN_OAUTH_ACCESS_TOKEN_TIME_TO_KILL_IN_SECONDS: "7200"
+
+
   ## 配置第三方认证的相关参数
   CASSERVER_FEDERATION_QQ_ENABLED: "true"
   CASSERVER_FEDERATION_QQ_NAME: QQ
@@ -281,6 +319,15 @@
           timeoutSeconds: 5
           successThreshold: 1
           failureThreshold: 10
+        volumeMounts:
+        - mountPath: /etc/cas/saml
+          name: saml-metadata
+      volumes:
+      # - name: saml-metadata
+      #   emptyDir: {}
+      - name: saml-metadata
+        persistentVolumeClaim:
+          claimName: cas-server-site-webapp-saml-pvc
       imagePullSecrets:
         - name: harbor-registry
commit	bbee39bba028353e574a3011b19cc0c698c8fe73	[log] [tgz]
author	刘洪青 <hongqing.liu@supwisdom.com>	周四 11月 25 10:04:52 2021 +0800
committer	刘洪青 <hongqing.liu@supwisdom.com>	周一 12月 27 13:02:19 2021 +0800
tree	3f9cbb649720ee7883275e63218d0529758d6c07
parent	61f18c2800ff0722864f05d7fb9e537b17b0a801 [diff]