Skip to content
Snippets Groups Projects
Commit faeb025a authored by Anthony's avatar Anthony
Browse files

Merge branch 'anthony-main-patch-57264' into 'main' 

Update README.md

See merge request dolibarr/uncu/sso!2
parents 3b279d21 29737c26
No related branches found
No related tags found
1 merge request!2Update README.md
Show whitespace changes
Inline Side-by-side
Showing
with 36 additions and 8 deletions
README.md
+ 36
8
View file @ faeb025a
# SSO # SSO
This is dockerised keycloak system This is dockerised Keycloak system. Keycloak support openid_connect.
This project is part of "Transformation Numérique" project from FFCU.
It's designed to be connected to a Dolibarr instance and other partners applciations.
## Setting up your environement ## Setting up your environement
1. Clone this repository 1. Clone this repository
2. `cp .env.sample .env` 2. `cp .env.sample .env`
3. Edit .env (host, keycloak admin credential and MariaDB password) 3. Edit .env (host, keycloak admin credential and MariaDB password)
4. Run KeyCloak with docker-compose
## Secure the first application ## Launch environement
To secure the first application, folow [this tutorial](https://www.keycloak.org/getting-started/getting-started-docker) but start docker with the docker compose. `docker-compose up`
## SSO with dolibarr ## Configuration
### Create realm, first user and connect first application
Follow the official [get started tutorial](https://www.keycloak.org/getting-started/getting-started-docker)
## Link a Dolibarr instance to Keycloak
### Prerequisites ### Prerequisites
set un dockerised [Dolibarr](https://gitlab.tetras-libre.fr/nocloud/docker/dolibarr) Set un dockerised [Dolibarr](https://gitlab.tetras-libre.fr/nocloud/docker/dolibarr)
### Set up Dolibarr
### Set up
To set up SSO with dolibarr you need folow this insctruction : To set up SSO with dolibarr you need folow this insctruction :
1. Create user with the same username in dolibarr and keycloak 1. Create user with the same username in dolibarr and keycloak
2. Generate the dolibarr variable with `dolibarr_variables.py`. If you don't know where to find the information requested by the script, see Prerequisites 2. Generate the dolibarr variable with `dolibarr_variables.py`. If you don't know where to find the information requested by the script, see Prerequisites
3. Put generated variable in dolibarr > Setup > Other Setup 3. Put generated variable in dolibarr > Setup > Other Setup
4. Configure the authentication methods in conf.php (dolibarr_src/htdocs/conf/conf.php) and add openid_connect. `$dolibarr_main_authentication='openid_connect'` 4. Configure the authentication methods in conf.php (dolibarr_src/htdocs/conf/conf.php) and add openid_connect. `$dolibarr_main_authentication='openid_connect'`
5.
- In dev : choose username matching : `preferred_username`
- In prod : Choose mail matching method
For many information, follow the [dolibarr tutorial](https://wiki.dolibarr.org/index.php?title=Authentication,_SSO_and_SSL#Mode_openid_connect)
### Config KeyCloak Dolibarr Prod (WIP)
- In Realm settings > Login, check following options
- Forgot password
- Remember me
- Email as username
- login with email
- verify email
- Realm settings > Email, configur your SMTP parameters + mail informations
- Realm settings > Theme, add your custom theme
- If needed create users group
- Create your users
- Client > account-console > sttings
- Set web origins to *
For many information, folow the [dolibarr tutorial](https://wiki.dolibarr.org/index.php?title=Authentication,_SSO_and_SSL#Mode_openid_connect)
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment