worteks
/
lemonldap-ng
mirror of https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng
3
0
Fork 0
Code Issues Projects Releases Wiki Activity
LemonLDAP::NG Web SSO
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11158 Commits
107 Branches
123 Tags
110 MiB
 
 
 
 
 
Tag: Branch: Tree: fc7d907d3e
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'fc7d907d3e'
${ noResults }
lemonldap-ng/doc/sources/admin/applications/wikijs.rst

56 lines
1.9 KiB
Raw Blame History

Wiki.js
=======
|image0|
Presentation
------------
Wiki.js is an open-source wiki.
See `the official Wiki.js website <https://js.wiki/>`__ for a
complete presentation.
It feature an OpenID Connect login that work with LemonLDAP::NG.
Configuring Wiki.js
-------------------
Connect to your wiki.js instance with an Admin user, in the admin panel, go to "Authentication".
Click on "Add Strategy" and Choose "Generic OpenID Connect / OAuth2".
Choose a Display Name.
Define a Client ID and a Client Secret.
* Authorization Endpoint URL : https://auth.example.com/oauth2/authorize
* Token Endpoint URL : https://auth.example.com/oauth2/token
* User info Endpoint URL : https://auth.example.com/oauth2/userinfo
* Issuer : https://auth.example.com
* Logout URL : https://auth.example.com/oauth2/logout
Make a note of the "Callback URL" and the bottom of the screen and save the configuration.
Configuring LemonLDAP
~~~~~~~~~~~~~~~~~~~~~
We now have to configure LemonLDAP::NG to recognize wiki.js as a valid OIDC relaying party.
Add a :doc:`new OpenID Connect relaying party<..//idpopenidconnect>`
with the following parameters (Options -> Basic) :
* **Client ID**: the same you set in Wiki.js configuration.
* **Client Secret**: the same you set in Wiki.js configuration.
* **Allowed redirection addresses for login**: The "Callback URL" defined in wiki.js.
\_Portal with internal CA
^^^^^^^^^^^^^^^^^^^^^^^^^
.. danger::
OIDC login fails when your LemonLDAP portal doesn't use a publicaly recognized certificate (Internal Corporate CA), this is because nodejs use it's own keystore.
You'll need to pass "NODE_EXTRA_CA_CERTS=" to your wiki installation. If done in docker you will have to create a new image from the official one, add your CA certificates into it, and use the env variable to use it in your wiki.js container.
.. |image0| image:: /applications/wiki.js.svg
:class: align-center