SAML login page - corporate branding


#1

Is it possible to create your own template for the SAML login page?

Is it possible to change the FQDN that is mentioned on the page? This is not equal to the value of “ucs/server/sso/fqdn”, but to the local hostname.

Note:
I tried to upload an example image to this phpBB, but got the following error: Temporary folder could not be found. Please check your PHP installation.


#2

You can adjust the theme by setting the UCR variable “saml/idp/lookandfeel/theme”.
The default theme is “univentiontheme:univention” which is located here:
/usr/share/simplesamlphp/modules/univentiontheme/themes/univention

Be aware, that we have plans to include the login page directly in UMC via an iframe so that custom themes might need manual adaptions in the future:
forge.univention.org/bugzilla/s … i?id=39459

The FQDN might be changed via the UMC module ‘SAML Identity Provider’ by opening the service provider enty and inserting a new name into “Name of the organization for this service provider”.
Or via CLI:

udm saml/serviceprovider modify --dn 'SAMLServiceProviderIdentifier=https://foo.example.com/univention-management-console/saml/metadata,cn=saml-serviceprovider,cn=foo,dc=example,dc=com' --set serviceProviderOrganizationName='Whatever you want!'

Note: this might get overridden when installing UCS release updates!


#3

Hi Florian,

I found the theme files and the h2-header containing the FQDN.

/usr/share/simplesamlphp/modules/univentiontheme/themes/univention/default/includes/header.php:127

<?php echo($this->configuration->getValue('hostfqdn', '')); ?>

The ‘hostfqdn’ is composed from the UCR variables ‘hostname’ and ‘domainname’.

/etc/univention/templates/files/etc/simplesamlphp/config.php:24
print " ‘hostfqdn’ => ‘%s.%s’," % (configRegistry.get(‘hostname’, ‘’),configRegistry.get(‘domainname’, ‘’))

As I’m not sure if these values are used anywhere else, I won’t touch these values. I will modify the file header.php