Hub 2.5 Help

Hub as SAML Identity Provider for Artifactory

Prerequisites

  • You mast have administrator privileges in both Artifactory and Hub.
  • You must have the SSL certificate that is packed into the .p12 key store that is set up for SAML connection in Hub.

Configure SSO for Artifactory with Hub as IdP

  1. Log into Artifactory with administrator privileges. Open Admin module > Security > SAML SSO.
  2. Enable the SAML integration and provide the following parameters:
    ParameterDescription
    SAML Login URLPaste the content of the Sign In URL field on More Settings > SAML2.0 > Settings page of the Hub server.
    SAML Logout URLPaste the content of the Sign Out URL field on More Settings > SAML2.0 > Settings page of the Hub server.
    SAML Service Provider NameSet up the service provider name of Artifactory by which it should be recognized in Hub. Use the domain name of your Artifactory instance.
    SAML CertificatePaste the content of the certificate that you packed into the .p12 key store that is set up for SAML connection in Hub.
  3. Configure options related to processing unknown user accounts by Artifactory. We recommend that you enable the Auto Create Artifactory Users option.
  4. Save the configuration.
  5. Configure Custom URL Base of your Artifactory. Refer to the Artifactory documentation for details.
  6. In Hub, select SAML 2.0 from the Access Management section of the Administration menu.
  7. Select the Registered Service Providers tab.
  8. Click the Register service provider button.
  9. In the dialog, provide the following parameters of the Artifactory service:
    ParameterDescription
    NameEnter a name to be displayed for the Artifactory service in Hub.
    IssuerUse the name of your Artifactory service. If you use the Cloud version of Artifactory, enter the name in the format <accountname>.artifactoryonline.com.
    DescriptionOptionally, enter a description of the Artifactory service.
    Consumer URLEnter the Assertion Consumer Service (ACS) URL of your Artifactory service. General format of the URL is: <Custom Base URL>/webapp/saml/loginResponse
    Hub should send LogoutResponseMake sure that the option is disabled.
Last modified: 31 January 2017