Re: Sessions Simplesaml + Yii
閲覧: 870 回
最初の未読メッセージにスキップ
Olav Morken
2012/10/12 8:30:462012/10/12
To: simple...@googlegroups.com
On Thu, Oct 11, 2012 at 09:09:55 -0700, Maik wrote:
> Hi,
>
> I'm having troubles with the authentication in the Yii side when calling
> simplesaml.
>
> I have implemented SimpleSaml in Yii like this
>
> //Set location of simplesamlphp
> > $simplesaml = '../vendors/SimpleSamlPhp';
> > Yii::setPathOfAlias('simplesamlphp', $simplesaml);
> > Yii::setPathOfAlias('simplesaml', $simplesaml);
> >
> > // temporary disable Yii autoloader
> > spl_autoload_unregister(array('YiiBase','autoload'));
> >
> > // create 3rd-party object
> > require_once($simplesaml . '/lib/_autoload.php');
> > // enable Yii autoloader
> > spl_autoload_register(array('YiiBase','autoload'));
> >
>
> Session for simplesaml is set:
>
> > SimpleSAMLSessionID=64992b82842384688a5871fd66381c02; path=/;
> > domain=forum.insided.com; HttpOnly
>
>
> Session for yii is set:
>
> PHPSESSID=20b8db421c9f5e0f701fc3d09954c8d0; path=/;
> > domain=forum.insided.com
> >
>
> My saml login is situated at /sso/saml
>
> $asId = Yii::app()->params['sso']['saml']['asId'];
> > $as = new SimpleSAML_Auth_Simple($asId);
> >
> > if (!$as->isAuthenticated()) {
> > $params = array(
> > 'ErrorURL' => "/error/errorrr",
> > 'ReturnTo' => Yii::app()->yipRequest->currentURL(),
> > );
> > $as->requireAuth($params);
> > } else {
> > echo "loggedin";
> > }
> >
>
> But when i'm calling this, everything in the flow is ok, except for
> $as->isAuthenticated(). It remains false (so I'm stuck in an infinite
> redirect loop).
>
> Anybody who knows how I could conform the simplesaml session with the yii
> session?
>
> By the way, the yii session is a CDbHttpSession, so it's stored in my mysql
> db.
And what session handler are you using for simpleSAMLphp?
If simpleSAMLphp is using a different session handler than the PHP
session handler, you should not get a conflict between Yii and
simpleSAMLphp.
Have you made sure that the response from the IdP is returned to the
same domain as you start authentication from?
Best regards,
Olav Morken
UNINETT / Feide
> Hi,
>
> I'm having troubles with the authentication in the Yii side when calling
> simplesaml.
>
> I have implemented SimpleSaml in Yii like this
>
> //Set location of simplesamlphp
> > $simplesaml = '../vendors/SimpleSamlPhp';
> > Yii::setPathOfAlias('simplesamlphp', $simplesaml);
> > Yii::setPathOfAlias('simplesaml', $simplesaml);
> >
> > // temporary disable Yii autoloader
> > spl_autoload_unregister(array('YiiBase','autoload'));
> >
> > // create 3rd-party object
> > require_once($simplesaml . '/lib/_autoload.php');
> > // enable Yii autoloader
> > spl_autoload_register(array('YiiBase','autoload'));
> >
>
> Session for simplesaml is set:
>
> > SimpleSAMLSessionID=64992b82842384688a5871fd66381c02; path=/;
> > domain=forum.insided.com; HttpOnly
>
>
> Session for yii is set:
>
> PHPSESSID=20b8db421c9f5e0f701fc3d09954c8d0; path=/;
> > domain=forum.insided.com
> >
>
> My saml login is situated at /sso/saml
>
> $asId = Yii::app()->params['sso']['saml']['asId'];
> > $as = new SimpleSAML_Auth_Simple($asId);
> >
> > if (!$as->isAuthenticated()) {
> > $params = array(
> > 'ErrorURL' => "/error/errorrr",
> > 'ReturnTo' => Yii::app()->yipRequest->currentURL(),
> > );
> > $as->requireAuth($params);
> > } else {
> > echo "loggedin";
> > }
> >
>
> But when i'm calling this, everything in the flow is ok, except for
> $as->isAuthenticated(). It remains false (so I'm stuck in an infinite
> redirect loop).
>
> Anybody who knows how I could conform the simplesaml session with the yii
> session?
>
> By the way, the yii session is a CDbHttpSession, so it's stored in my mysql
> db.
And what session handler are you using for simpleSAMLphp?
If simpleSAMLphp is using a different session handler than the PHP
session handler, you should not get a conflict between Yii and
simpleSAMLphp.
Have you made sure that the response from the IdP is returned to the
same domain as you start authentication from?
Best regards,
Olav Morken
UNINETT / Feide
Maik
2012/10/16 11:58:382012/10/16
To: simple...@googlegroups.com
Yes I did. Maybe it was the certificate that was wrong, because it was wrong in the library which i'm using now too. I'll test that if I find some time.
Thanks for the response!
Thanks for the response!
メッセージは削除されました
J B.
2013/05/20 11:27:212013/05/20
To: simple...@googlegroups.com
Hi Maik,
Could you solve the issue?
I am experiencing the same problem using phpsession handler for simplesamlphp...
I would appreciate your help.
Thx in advance,
Greets, Maik
Branislav Belohorec
2014/05/16 18:15:352014/05/16
To: simple...@googlegroups.com
Hi maik, I have the same problem with this error. I have applicatin based on yii framework. Did you get a solution? Thank you
Steve Bagwell
2018/03/21 16:02:392018/03/21
To: SimpleSAMLphp
In case anyone has this kind of problem and this could help ...
- in .../common/config/main.pip in the components section ...
'session' => [
We are using Yii2 with composer-installed simplesamlphp (into a vendor folder).
We were getting into a redirect loop between our app (as a Service Provider) and the saml Identity Provider. It appeared that on the SP, simplesamlphp was recognizing the user as authenticated, but the Yii app was not and so sending them off again to get logged in.
What solved it for us was adding the following ...
- in .../common/config/main.pip in the components section ...
'session' => [
'name' => 'ourappsyiisessionname', // replace this with the correct session name
'useCookies' => true,
],
- in .../frontend/controllers/AuthController.php in the section of code that starts dealing with a user that is not yet authenticated ...
- in .../frontend/controllers/AuthController.php in the section of code that starts dealing with a user that is not yet authenticated ...
$sspSession = \SimpleSAML_Session::getSessionFromRequest();
$sspSession->cleanup();
全員に返信
投稿者に返信
転送
新着メール 0 件