*
dh...@esqbs.ac.id <
dh...@esqbs.ac.id> [2017-09-28 18:59]:
> please help me and give me some clue for make module authentication
> for g suite education. somehow until now i dont understand how to
> make custom auth module for supporting SSO method on IDP third party
> at G suite education.
If you want SimpleSAMLphp to function as an IDP it needs to be able to
authenticate people, i.e., the IDP needs access to a service that can
verify credentials.
The most common and useful thing to do here is to use the same
authentication services with the IDP as your existing applications and
services are using, e.g. LDAP (or maybe RADIUS). Then the IDP will be
yet another LDAP client, like all your other applications.
That documentatation does not say you have to create a custom auth
module. It says an IDP needs an authentication source of some kind,
e.g. LDAP or something else (including making up your own) -- how else
are you going to authenticate subjects and send them on to the Service
Provider (Google, here)?
So if you want the IDP to provide authentication and SAML assertions
for SAML Service Providers you will need to configure an authsource in
the IDP that is able to do that. I.e., if I try to log in to your IDP
with username "user" and password "pass" what specifically should the
IDP do, how should it determine whether that's correct or not?
This is what you need to find out first.
-peter