Prepare the host systemThe only requirement to run this demo is having a Docker and docker-compose installation. Both are available for GNU/Linux, Windows and MacOS. See instructions on how to install it for your chosen platform (https://www.docker.com/). Get the demo filesGet the demo files from https://github.com/janetuk/moonshot_docker. Use the Clone or download button and follow instructions. If you choose downloading the ZIP file, please uncompress it to a known location. Start the servicesEnter into the demo folder you got via git or from the ZIP file. The provided docker-compose file will build and start each individual service conforming the Moonshot infrastructure. To do so, simply execute the following command: Build and starttrueThat will build the images, recreate the containers, and run them in the background. The expected output is something similar to: Performing Moonshot authenticationsOnce all the services are up, you can log into the Client container and start performing Moonshot authentications. Getting into the Client containerTo get an interactive bash session on the Client container, use the following command: Get into the containertrueThat will give you a bash session as the root user. Providing access to host's display (only for Linux hosts)If your host is running an Xorg desktop session, you can allow docker containers to access the display and run graphical applications by executing the following command on your host. Allow local X connectionstrueThe, from within the Client container, set the appropriate value to the DISPLAY variable: Set DISPLAY env vartrueIf you do not do this, Moonshot will use the TEXT UI instead. Testing SSHFrom within the Client container, try to authenticate to the SSH server container by issuing the following command: Launch SSH connectiontrue
The Moonshot UI will pop up, asking you to select an identity. You can use the Import button on the right to import the /config/user_credentials.xml file. That will import the alice@test1.org and alice@test2.org identities. - Select one of them and click on the
Send button. Note that using alice@test1.org will perform a local Moonshot authentication, that is, the Trust Router infrastructure will not be involved since the SSH server is directly connected to the IDP1. However, using alice@test2.org will imply a Moonshot authentication that will also involve the use of the Trust Router server and the APC, as IDP1 will need to ask for details about IDP2. After having authenticated, you should see yourself logged into the sshserver as the moonshot user. You can verify both by using the hostname and whoami system tools. SSH connection succeeded
Testing HTTPFrom within the Client container, try to authenticate to the SSH server container by issuing the following command: Launch HTTP connectiontrue
- The Moonshot UI will pop up, asking you to select an identity. Select one of them and click on the
Send button. After having authenticated, you should see something like this, including the username and attributes of the authenticated user. HTTP connection succeeded
Checking the logsYou can check the log output of the different services by using the docker-compose logs functionality. For instance, to check the Trust Router server logs, use: Check IDP1 logstrue
|