On 10 August 2012 14:33, megaloman <
marek....@gmail.com> wrote:
> Hello,
>
> I work on a website which authenticates users with a remote auth centre. So
> basically my app is a service provider.
OK
> Till now, we used to authenticate users using soap requests, but the
> supplier of the authentication centre (idP) is switching to SAML.
> So far I've successfully installed the simpleSAMLphp library and managed to
> bind it to the idP -- using a test page, when I click the 'default-sp', it
> redirects me to the idP's servers and than it redirects me back to my login
> page.
This is not OK. You should be redirected to the IdP server and that
machine should do the authentication.
You are not involved in any way.
One the auth goes OK, you get sent redirected back to your SP.
That is the whole concept - your SP doesn't and shouldn't need any
authentication data.
--
Dick Visser
System & Networking Engineer
TERENA Secretariat
Singel 468 D, 1017 AW Amsterdam
The Netherlands