{"id":18608851,"url":"https://github.com/recruitee/sso-shibboleth-example","last_synced_at":"2025-07-20T21:36:49.165Z","repository":{"id":90117900,"uuid":"278587492","full_name":"Recruitee/sso-shibboleth-example","owner":"Recruitee","description":null,"archived":false,"fork":false,"pushed_at":"2020-07-10T12:45:35.000Z","size":1579,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-06-16T10:00:12.846Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Recruitee.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-07-10T09:00:12.000Z","updated_at":"2023-12-20T10:15:38.000Z","dependencies_parsed_at":null,"dependency_job_id":"862c9d13-c7c9-4639-b88c-0df14d9db717","html_url":"https://github.com/Recruitee/sso-shibboleth-example","commit_stats":{"total_commits":1,"total_committers":1,"mean_commits":1.0,"dds":0.0,"last_synced_commit":"0a7f668999371d2cec02a02f82796276ade50c0b"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Recruitee/sso-shibboleth-example","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Recruitee%2Fsso-shibboleth-example","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Recruitee%2Fsso-shibboleth-example/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Recruitee%2Fsso-shibboleth-example/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Recruitee%2Fsso-shibboleth-example/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Recruitee","download_url":"https://codeload.github.com/Recruitee/sso-shibboleth-example/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Recruitee%2Fsso-shibboleth-example/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266204640,"owners_count":23892366,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-07T03:04:29.760Z","updated_at":"2025-07-20T21:36:49.146Z","avatar_url":"https://github.com/Recruitee.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"A Docker based Shibboleth SAML Identity Provider backed by user repository in OpenLDAP (for development and learning purposes only, not for production use).\n\n# Links\n\n- https://support.recruitee.com/en/articles/2923167-single-sign-on-sso-overview\n\n# Requirements\n\n- Docker\n\n# Setup\n\n```sh\nsudo vim /etc/hosts\n```\n\nAdd this line:\n\n```\n127.0.0.1 shibb.idp\n```\n\n```sh\ngit clone git@github.com:Recruitee/sso-shibboleth-example.git\ncd sso-shibboleth-example\nvim ldif/add_users.ldif\n```\n\nAdd email addresses you have access to, to at least one of the users. Confirming your email address is a required part of signing up in Recruitee.\n\n```sh\nbin/start_shibb_ldap.sh\nbin/1_setup_shibb_idp.sh\n```\n\nAccept the defaults when prompted for inputs for\n\n- Hostname `[shibb.idp]`,\n- SAML EntityID: `[https://shibb.idp/idp/shibboleth]`,\n- Attribute Scope: `[idp]`.\n\nWhen prompted for passwords use any non-empty password. Write it down.\n\n```sh\nvim customized-shibboleth-idp/ext-conf/idp-secrets.properties\n```\n\nWrite down the password previously set to `jetty.backchannel.sslContext.keyStorePassword=`.\n\n```sh\nbin/2_build_image.sh\nbin/3_start_shibb_idp.sh\n```\n\nYou can look up the logs.\n\n```sh\ndocker logs rt_shibb_idp -f\n```\n\nUltimately, you should see a line similar to this:\n\n```log\n10:07:15.476 - INFO [org.eclipse.jetty.server.Server:419] - Started @10047ms\n```\n\nSave the `idp_metadata.xml`.\n\n```sh\nwget --no-check-certificate -O idp_metadata.xml https://shibb.idp/idp/shibboleth\n```\n\nContact your company support manager if you'd like to test this on a separate company before enabling it on your main one.\n\nSign in to Recruitee, visit https://app.recruitee.com/#/settings/company/sso and upload the `idp_metadata.xml` file by clicking \"Upload file and request SSO\".\n\n![](assets/company-settings.png)\n\n![](assets/upload.png)\n\n![](assets/requested.png)\n\nContact our support to enable the SSO. We'll send you a link to our `sp_medata.xml` file.\n\n```sh\nwget -O sp_metadata.xml \"https://auth.recruitee.com/sso/sp/metadata/ssoshibbolethexample?token=xxx\"\ncp sp_metadata.xml customized-shibboleth-idp/metadata/\nbin/4_stop_shibb_idp.sh\nbin/2_build_image.sh\nbin/3_start_shibb_idp.sh\n```\n\nThe configuration should be ready and you should be able to sign in. Visit the SSO sign-in link: https://auth.recruitee.com/sso/sign-in and fill your domain, or use the link with pre-filled domain (example: https://auth.recruitee.com/sso/sign-in/ssoshibbolethexample).\n\nYou will be redirected to https://shibb.idp to sign in. Sign in as Fred with `fflintstone:changeme` credentials. Accept the information to be provided to service:\n\n![](assets/idp-accept.png)\n\nIf an account with this email doesn't exist, you will be asked to sign up. Otherwise, you will be signed in.\n\n![](assets/sign-up.png)\n\n# Start over\n\nIf you want to start over you need to stop the servers, remove generated files, and remove any Docker containers created in this process.\n\n```sh\nbin/5_delete_shibb_idp.sh\nrm -rf customized-shibboleth-idp/\nrm -rf rt_ldap_dv/\ndocker stop $(docker ps --filter name=rt_ldap --format \"{{.ID}}\") | xargs docker rm\ndocker system prune\n```\n\n# Todo\n\n- [ ] Send over `first_name` and `last_name` attributes.\n- [ ] Don't require password inputs in `bin/1_...` step, hard-code any password.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frecruitee%2Fsso-shibboleth-example","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frecruitee%2Fsso-shibboleth-example","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frecruitee%2Fsso-shibboleth-example/lists"}