Let's say I have a site with a login and that login is handled via a non simplesamlphp process that sets a user's data to session variables. Site A.
I also have a number of other sites, B - D, with similar login processes. In an attempt to make things easier for the users, i attempt to establish a single sign on with Site A being the target.
If I understand how simplesamlphp works, i would set up Site A as an IdP and B - D as SPs. Lets also say I've copied the exampleauth:External module to a myauth:External module and changed everything to make it work the same.
At this point, I can log in through the SimpleSAMLphp authpage.php form and everything is great.
But what can I do if someone has logged in through the non-simplesamlphp process?
So far I've been unable to carry over or insert non-simplesamlphp into the SimpleSAMLphp process. I understand that the process destroys and remakes the session, but is there no way for SimpleSAMLphp to set a user as having been authenticated based on session data that exists outside of the SimpleSAMLphp session?
I apologize if any of the terminology I'm using is vague or incorrect, and any help is appreciated.
Should be:
"So far I've been unable to carry over or insert non-simplesamlphp session data into the SimpleSAMLphp process."
Thanks for your response. Unfortunately, the user base is not consistent across all sites. It is also not very likely that we would be able to get rid of the current login processes.
Can you think of any way I can accomplish what i need to do?
Thanks again for your quick response. The reason why SSO is a requirement is because I want the users on B - D to have the option to be able to log in with credentials from Site A, but also have the option to log in with an account they've created on B - D.