Hub 2019.1 Help

Hub as SAML Identity Provider for Artifactory

Before you start, verify the following prerequisites:

  • You mast have administrator privileges in both Artifactory and Hub.

  • You must have the SSL certificate that is packed into the .p12 keystore that is set up for SAML connection in Hub.

To configure SSO for Artifactory with Hub as IdP:

  1. Log into Artifactory with administrator privileges. Open Admin module > Security > SAML SSO.

  2. Enable the SAML integration and provide the following parameters:

    Parameter

    Description

    SAML Login URL

    Paste the content of the Sign In URL field on More Settings > SAML2.0 > Settings page of the Hub server.

    SAML Logout URL

    Paste the content of the Sign Out URL field on More Settings > SAML2.0 > Settings page of the Hub server.

    SAML Service Provider Name

    Set up the service provider name of Artifactory by which it should be recognized in Hub. Use the domain name of your Artifactory instance.

    SAML Certificate

    Paste the content of the certificate that you packed into the .p12 keystore that is set up for SAML connection in Hub.

  3. Configure options related to processing unknown user accounts by Artifactory. We recommend that you enable the Auto Create Artifactory Users option.

  4. Save the configuration.

  5. Configure Custom URL Base of your Artifactory. Refer to the Artifactory documentation for details.

  6. In Hub, select SAML 2.0 from the Access Management section of the Administration menu.

  7. Select the Registered Service Providers tab.

  8. Click the Register service provider button.

  9. In the dialog, provide the following parameters of the Artifactory service:

    Parameter

    Description

    Name

    Enter a name to be displayed for the Artifactory service in Hub.

    Issuer

    Use the name of your Artifactory service. If you use the Cloud version of Artifactory, enter the name in the format <accountname>.artifactoryonline.com.

    Description

    Optionally, enter a description of the Artifactory service.

    Consumer URL

    Enter the Assertion Consumer Service (ACS) URL of your Artifactory service. General format of the URL is: <Custom Base URL>/webapp/saml/loginResponse

    Hub should send LogoutResponse

    Make sure that the option is disabled.

Last modified: 17 February 2020