Defining a Callback url
Ahmet Ünal
_________________________________
Ahmet Ünal
Olav Morken
> Hi people,
>
> On my SP, I've defined a ReturnTo url like this:
>
> $as = new SimpleSAML_Auth_Simple('myauth');
> $returnTo = "mydomain.com/return2me.php";
You need to have an absolute URL here, e.g.
"https://mydomain.com/return2me.php".
> $as->requireAuth( array("ReturnTo" => $returnTo) );
>
> But still, after successful login, IdP redirects to:
> mydomain.com/simplesaml/module.php/saml/sp/saml2-acs.php/myauth
>
>
> What am i missing?
The ReturnTo parameter sets the URL that the SP should redirect to
after processing the authentication response, while the
AssertionConsumerService URL controls where the IdP will send its
authentication response.
Regards,
Olav Morken
UNINETT / Feide
>
>
>
> --
> _________________________________
>
> Ahmet �nal
>
> --
> You received this message because you are subscribed to the Google Groups "simpleSAMLphp" group.
> To post to this group, send email to simple...@googlegroups.com.
> To unsubscribe from this group, send email to simplesamlph...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/simplesamlphp?hl=en.
>
Ahmet Ünal
On Fri, Sep 02, 2011 at 17:38:01 +0300, Ahmet Ünal wrote:You need to have an absolute URL here, e.g.
> Hi people,
>
> On my SP, I've defined a ReturnTo url like this:
>
> $as = new SimpleSAML_Auth_Simple('myauth');
> $returnTo = "mydomain.com/return2me.php";
"https://mydomain.com/return2me.php".
The ReturnTo parameter sets the URL that the SP should redirect to
> $as->requireAuth( array("ReturnTo" => $returnTo) );
>
> But still, after successful login, IdP redirects to:
> mydomain.com/simplesaml/module.php/saml/sp/saml2-acs.php/myauth
>
>
> What am i missing?
after processing the authentication response, while the
AssertionConsumerService URL controls where the IdP will send its
authentication response.
Regards,
Olav Morken
UNINETT / Feide
>
>
>
> --
> _________________________________
>
> Ahmet Ünal
>
> --
> You received this message because you are subscribed to the Google Groups "simpleSAMLphp" group.
> To post to this group, send email to simple...@googlegroups.com.
> To unsubscribe from this group, send email to simplesamlph...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/simplesamlphp?hl=en.
>
--
You received this message because you are subscribed to the Google Groups "simpleSAMLphp" group.
To post to this group, send email to simple...@googlegroups.com.
To unsubscribe from this group, send email to simplesamlph...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/simplesamlphp?hl=en.
_________________________________
Ahmet Ünal
Part time sleeper
Full time dreamer
---
Her insan ay gibidir, kimseye göstermediği bir karanlık yüzü vardır...
_______________________________________________________________
See you on the Dark Side of the Moon
_______________________________________________________________
Olav Morken
> Thanks Olav,
>
> How can I assign AssertionConsumerService urll on the fly just before
> sending the request.
You cannot, at least not without changing the source code. Why do you
need to change the AssertionConsumerService?
Ahmet Ünal
On Mon, Sep 05, 2011 at 13:06:58 +0300, Ahmet Ünal wrote:You cannot, at least not without changing the source code. Why do you
> Thanks Olav,
>
> How can I assign AssertionConsumerService urll on the fly just before
> sending the request.
need to change the AssertionConsumerService?
Regards,
Olav Morken
UNINETT / Feide
--
You received this message because you are subscribed to the Google Groups "simpleSAMLphp" group.
To post to this group, send email to simple...@googlegroups.com.
To unsubscribe from this group, send email to simplesamlph...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/simplesamlphp?hl=en.
Olav Morken
> Well,
>
> First of all I want to redirect the user to the place where he/she came to
> signin page at the first place.
This isn't done by changing the AssertionConsumerService endpoint.
Instead, it is the job of the AssertionConsumerService to process the
SAML 2.0 response received from the IdP, and then redirect the user to
the correct location.
SimpleSAMLphp decides which URL to redirect to after processing the
response based on the ReturnTo option you specify when starting
authentication, or the RelayState response parameter if you are using
IdP-first flow / IdP initiated authentication.
> Also I will need some dynamic parameters to be returned back to me.
Are you saying that the IdP doesn't follow the SAML 2.0 standard, but
adds custom "URL"-parameters to the message it sends to the
AssertionConsumerService endpoint? Or are you referring to dynamic
parameters added inside the SAML 2.0 response? In that case, where are
they stored inside the response? In an attribute? Custom extension?
> And, simplesaml's session handling conflicts with my handling and I want to
> bypass it.
Have you looked at using a different session handler for simpleSAMLphp?
If that won't work, you cannot use simpleSAMLphp, since it needs to
keep track of the user's session for various reasons.
> SimpleSamlPhp is a thirdparty library and I don't want to code my business
> logic inside it.
You shouldn't need to.