Prerequisits: on the Preferences panel Misc page need to set the Remember invalid usernames parameter value to 0 and clear the HTTP Redirect Base field value. This is a must with any plugin integration scenario.
Azure SAML is the same as all other SAMl providers, just a little different UI configuration. Use the screenshots below to help guide you.
1.) Create a new application.
2.) Create your own, we don't have a template to choose from.
3.) On the left choose Single Sign On to configure the SSO part of the SAML.
4.) Choose SAML.
5.) Edit.
6.) Configure the URL's for your CrushFTP server. The top one will be the 'SAML Issuer' configuration on the SAMLSSO CrushFTP plugin config.
7.) Download the metadata XML from the site after saving in step 6. Edit with a text editor.
7.1.) Navigate to CrushFTP SAMLSSO plugin configure it based on Azure's Single sign-on (see screenshot too):
7.2.) On CrushFTP SAMLSSO plugin for "_Authentication type:_" set "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport".
7.3.) For "This CrushFTP server's URL" -> put a slash in the end of the url:
Azure SAML is the same as all other SAMl providers, just a little different UI configuration. Use the screenshots below to help guide you.
1.) Create a new application.
2.) Create your own, we don't have a template to choose from.
3.) On the left choose Single Sign On to configure the SSO part of the SAML.
4.) Choose SAML.
5.) Edit.
6.) Configure the URL's for your CrushFTP server. The top one will be the 'SAML Issuer' configuration on the SAMLSSO CrushFTP plugin config.
7.) Download the metadata XML from the site after saving in step 6. Edit with a text editor.
7.1.) Navigate to CrushFTP SAMLSSO plugin configure it based on Azure's Single sign-on (see screenshot too):
[CrushFTP settings] [Azure Settings] SAML Provider URL (EntityID) -> Azure AD Identifier SAML Audience -> Identifier (Entity ID) IDP Redirect URL (HTTP-POST) -> Login URL SAML Issuer -> Identifier (Entity ID)
7.2.) On CrushFTP SAMLSSO plugin for "_Authentication type:_" set "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport".
Authentication type:urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
7.3.) For "This CrushFTP server's URL" -> put a slash in the end of the url:
This CrushFTP server's URL: https://your.domain.com/7.4.) From the "Federation Metadata XML" -> Look in the middle of the XML for the X509 base64 encoded certificate info. Copy it and paste into the "BASE64 encoded PEM Signing certificate" in SAMLSSO plugin in CrushFTP.
Add new attachment
Only authorized users are allowed to upload new attachments.
List of attachments
Kind | Attachment Name | Size | Version | Date Modified | Author | Change note |
---|---|---|---|---|---|---|
png |
1_new_application.png | 246.1 kB | 1 | 19-Jan-2022 13:37 | Ben Spink | |
png |
2_create_your_own.png | 359.1 kB | 1 | 19-Jan-2022 13:38 | Ben Spink | |
png |
3_properties.png | 292.6 kB | 1 | 19-Jan-2022 13:38 | Ben Spink | |
png |
4_sso_saml.png | 268.9 kB | 1 | 19-Jan-2022 13:38 | Ben Spink | |
png |
5_edit.png | 306.0 kB | 1 | 19-Jan-2022 13:38 | Ben Spink | |
png |
6_config.png | 402.7 kB | 1 | 19-Jan-2022 13:38 | Ben Spink | |
png |
plugin_azure_setting_macth.png | 389.4 kB | 1 | 03-May-2022 05:08 | krivacsz | |
png |
saml_metadata_XML.png | 271.6 kB | 1 | 03-May-2022 04:33 | krivacsz |
«
This particular version was published on 28-Feb-2024 16:23 by Ada Csaba.
G’day (anonymous guest)
Log in
JSPWiki