habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

website: Bump prettier from 3.3.3 to 3.4.1 in /website (#12205)

Browse Source 
* website: Bump prettier from 3.3.3 to 3.4.1 in /website

Bumps [prettier](https://github.com/prettier/prettier) from 3.3.3 to 3.4.1.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/3.3.3...3.4.1)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* update formatting

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* sigh

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* disable flaky test

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
dependabot[bot]
2024-11-27 15:14:19 +01:00
committed by GitHub
parent 6d2072a730
commit 3996bdac33
252 changed files with 22143 additions and 22140 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
website/integrations/services/globalprotect/index.md
View File

@ -19,8 +19,8 @@ sidebar_label: GlobalProtect
The following placeholders will be used:
- `gp.company` is the FQDN of the GlobalProtect portal.
- `authentik.company` is the FQDN of the authentik install.
- `gp.company` is the FQDN of the GlobalProtect portal.
- `authentik.company` is the FQDN of the authentik install.
:::caution
A trusted web certificate is required to be bound to the GlobalProtect Portal. This can be signed by a trusted internal Root Certificate Authority (CA); however, a self signed certificate, a certificate outside of its validity, or a non-standard confirming certificate (such as a lifespan not trusted by modern browsers) will error out on SAML authentication.
@ -30,17 +30,17 @@ A trusted web certificate is required to be bound to the GlobalProtect Portal. T
1. In the Admin interface of authentik, under _Providers_, create a SAML provider with these settings:
- ACS URL: `https://gp.company:443/SAML20/SP/ACS` (Note the absence of the trailing slash, and the inclusion of the web interface port)
- Issuer: `https://authentik.company/application/saml/fgm/sso/binding/redirect/`
- Service Provider Binding: Post
- You can of course use a custom signing certificate, and adjust durations.
- ACS URL: `https://gp.company:443/SAML20/SP/ACS` (Note the absence of the trailing slash, and the inclusion of the web interface port)
- Issuer: `https://authentik.company/application/saml/fgm/sso/binding/redirect/`
- Service Provider Binding: Post
- You can of course use a custom signing certificate, and adjust durations.
2. Select the newly created Provider and download the metadata using the tool on the 'Overview' tab.
3. In the Admin interface of authentik, under _Application_, create an application with these settings:
- Launch URL: `blank://blank` (This setting hides the application, while still granting access)
- Use the _Provider_ and _Slug_ previously set in the first step.
- Launch URL: `blank://blank` (This setting hides the application, while still granting access)
- Use the _Provider_ and _Slug_ previously set in the first step.
4. Set the bindings appropriately to those who will be allowed to authenticate.
@ -50,24 +50,24 @@ A trusted web certificate is required to be bound to the GlobalProtect Portal. T
2. Navigate to 'SAML Identity Provider' on the Device tab and choose the 'import' option.
- Provide a name for the profile.
- Import the metadata file downloaded earlier. (This will automatically install the authentik signing certificate to the system upon commit.)
- Select 'Validate Identity Provider Certificate' if desired.
- Provide a name for the profile.
- Import the metadata file downloaded earlier. (This will automatically install the authentik signing certificate to the system upon commit.)
- Select 'Validate Identity Provider Certificate' if desired.
3. Navigate to 'Authentication Profile' on the Device tab and add a new profile.
- Type: SAML
- IdP Server Profile: The profile just created
- Certificate for Signing Requests: None (Optionally configure authentik for mutual SAML signature)
- Certificate Profile: None (Optionally configure profile to validate the authentik signing cert)
- Username Attribute: `username`
- Type: SAML
- IdP Server Profile: The profile just created
- Certificate for Signing Requests: None (Optionally configure authentik for mutual SAML signature)
- Certificate Profile: None (Optionally configure profile to validate the authentik signing cert)
- Username Attribute: `username`
4. Chose 'Advanced' within the profile and add 'all'. This will have only authentik control the authorization.
5. Navigate to the 'GlobalProtect Portal Configuration' and chose the portal for SAML access.
- Under 'Authentication' select the 'Authentication Profile' to the one just created. Leave all other settings as default.
- Optionally chose to require client access via separately issued client cert as well. If not using a client cert, select 'Yes (User Credentials OR Client Certificate Required)'.
- Under 'Authentication' select the 'Authentication Profile' to the one just created. Leave all other settings as default.
- Optionally chose to require client access via separately issued client cert as well. If not using a client cert, select 'Yes (User Credentials OR Client Certificate Required)'.
6. Make the same exact changes to the 'GlobalProtect Gateway Configuration'.