My personal login page instead of idp page


Andrea Di Mario

Apr 24, 2012, 3:34:02 AM
to simple...@googlegroups.com
Hi, we've set up a SimpleSaml configuration as an SP that communicates with an external IdP; all works fine. We've done a test based on http://simplesamlphp.org/docs/1.7/simplesamlphp-sp#section_6 but we want an integration with our login system. I've seen the example module ( http://simplesamlphp.org/docs/1.9/simplesamlphp-customauth ), but with this I can't find how to redirect my login data to the IdP.

Could you give me some information about this problem?

Thanks for your time.
Best regards.

Dick Visser

Apr 24, 2012, 7:31:05 AM
to simple...@googlegroups.com

It would be helpful if you could describe the IdP system you are using.

You should only write your own custom authentication source if your
IdP is not using any of the supported authentication methods from
http://simplesamlphp.org/docs/1.9/simplesamlphp-idp#section_2.


--
Dick Visser
System & Networking Engineer
TERENA Secretariat
Singel 468 D, 1017 AW Amsterdam
The Netherlands

Andrea Di Mario

Apr 24, 2012, 9:08:15 AM
to simple...@googlegroups.com
Hi, thanks for your reply, they use the UserPass login. They have a login page for the authentication; we want the users to use our login form, and then we send the data to the IdP and get back the results. In the example module in SimpleSaml I find only an example where the app takes the credentials from an example file and not from the IdP.

Regards. 

Dick Visser

Apr 24, 2012, 10:10:15 AM
to simple...@googlegroups.com
Hi Andrea

> Hi, thanks for your reply, they use the UserPass login. They have a login
> page for the authentication; we want the users to use our login form, and
> then we send the data to the IdP and get back the results. In the example module
> in SimpleSaml I find only an example where the app takes the credentials from
> an example file and not from the IdP.

Could you be more precise in your wording?
Who are 'they' and 'we'?
Also, usually it is the SSP IdP that displays a login form for authentication.
To do that, you used UserPass, which worked.
But it sounds like in your situation the *real* IdP is another system
with a web form that does the actual authentication?

Andrea Di Mario

Apr 24, 2012, 10:39:11 AM
to simple...@googlegroups.com
Hi, yes, sorry if my explanation is confused. The IdP is a university and we must connect with it to get information about the students. The IdP has a login form where we can correctly log in and get back data.
Now we want our Zend application to have its personal login form where users write their credentials. After that we want to send the credentials to the IdP, do the authentication with that, and then get back the user data in our system.

Thanks for your time.
Regards.

Dick Visser

Apr 24, 2012, 2:00:12 PM
to simple...@googlegroups.com
On 24 April 2012 16:39, Andrea Di Mario <anddi...@gmail.com> wrote:

> Hi, yes, sorry if my explanation is confused. The IdP is a university and
> we must connect with it to get information about the students. The IdP has
> a login form where we can correctly log in and get back data.
> Now we want our Zend application to have its personal login form where
> users write their credentials. After that we want to send the credentials to the
> IdP, do the authentication with that, and then get back the user data in our
> system.

I now see what you're trying to achieve. Unfortunately many consider
this to be a form of phishing.
Every now and then developers come up with this, but please read:
See https://groups.google.com/d/msg/simplesamlphp/o74zLJ-D5NY/LY5mqGj3IkMJ

I suggest you contact the university and ask if the IdP speaks SAML2
(or some other protocol), and then have your SP talk directly with the
university IdP.

Then you'd have a simpler, less error-prone, and more secure set-up.

Dick

Andrea Di Mario

Apr 25, 2012, 12:46:26 PM
to simple...@googlegroups.com
Hi, sorry, I've not thought about this, we use our IdP's login page. SimpleSaml gives us the IdP select at first login. Is there a way to set only the default IdP and not display the select?


Thanks for your time.
Regards.

Dick Visser

Apr 25, 2012, 12:56:32 PM
to simple...@googlegroups.com
On 25 April 2012 18:46, Andrea Di Mario <anddi...@gmail.com> wrote:
> Hi, sorry, I've not thought about this, we use our IdP's login page.
> SimpleSaml gives us the IdP select at first login. Is there a way to set
> only the default IdP and not display the select?

yes:

http://simplesamlphp.org/docs/1.9/simplesamlphp-sp#section_3