Which config files are needed? Which ones are deployment-specific, and which ones are related to the connected entities? Which modules are needed?


Initial configuration / Deployment

The simplest way to configure and integrate SaToSa with existing services is to use the Dockerized version. At present, the image fails to launch correctly because of a hardcoded link to a dead testing site, https://samltest.id/. The following workaround gets it running:

  • create a local docker volume for the /etc/satosa folder (where the failing configuration resides)
  • download the satosa container from the Docker Hub on Docker Desktop
  • launch the image with the configuration provided in the screenshot
  • launch the container

The first launch fails, but the configuration files are now available in the Docker volume. In the volume folder, the files plugins/frontends/saml2_frontend.yaml and plugins/backends/saml2_backend.yaml contain the broken links to samltest.id.

Config file types

The main and most important config is proxy_conf.yaml, located in the root folder of the application. An example configuration can be found in the SaToSa docs. The parts that most need to be customized are the entries listed under BACKEND_MODULES and FRONTEND_MODULES. These are file paths (there can be multiple of each) leading to the configs of individual SPs/RPs and IdPs/OPs. proxy_conf.yaml always has the same name and location. The individual IdP/SP configs can technically have different paths, names and formats, depending on the configuration of the given implementation.
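As an added example (not part of the original page or of the SaToSa project's code), the script below follows the BACKEND_MODULES and FRONTEND_MODULES paths from proxy_conf.yaml and reports every line that still points at samltest.id, as well as any listed plugin file that is missing from the volume. The minimal list reader, the function names and the sample file contents are assumptions made for illustration.

```python
import re
import tempfile
from pathlib import Path

DEAD_HOST = "samltest.id"  # the dead test site named on this page
MODULE_KEYS = ("BACKEND_MODULES", "FRONTEND_MODULES")

def module_paths(proxy_conf_text):
    """Paths listed under the module keys. Assumption: block-style YAML lists
    only, to stay stdlib-only; a real tool would use a YAML parser."""
    paths, in_list = [], False
    for line in proxy_conf_text.splitlines():
        key = re.match(r"^(\w+):", line)
        if key:  # any top-level key starts or ends a module list
            in_list = key.group(1) in MODULE_KEYS
        elif in_list and (item := re.match(r"^\s*-\s*(.+?)\s*$", line)):
            paths.append(item.group(1).strip("\"'"))
    return paths

def find_dead_links(config_dir):
    """Return (module path, line number, line) per reference to DEAD_HOST."""
    root, hits = Path(config_dir), []
    for rel in module_paths((root / "proxy_conf.yaml").read_text()):
        target = root / rel
        if not target.is_file():  # listed in proxy_conf.yaml, absent on disk
            hits.append((rel, 0, "MISSING FILE"))
            continue
        for no, text in enumerate(target.read_text().splitlines(), 1):
            if DEAD_HOST in text:
                hits.append((rel, no, text.strip()))
    return hits

def demo():
    """Scan a constructed config tree (all sample contents are made up)."""
    files = {
        "proxy_conf.yaml": 'BACKEND_MODULES:\n  - "plugins/backends/saml2_backend.yaml"\n'
                           'FRONTEND_MODULES:\n  - "plugins/frontends/saml2_frontend.yaml"\n'
                           '  - "plugins/frontends/absent.yaml"\n',
        "plugins/backends/saml2_backend.yaml": "name: sample\nurl: https://samltest.id/\n",
        "plugins/frontends/saml2_frontend.yaml": "name: sample\nurl: https://idp.example.org/\n",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for rel, body in files.items():
            path = Path(tmp) / rel
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_text(body)
        return find_dead_links(tmp)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

Pointing find_dead_links at the mounted volume folder instead of the constructed tree lists the lines to edit before the next launch.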

