SimpleSaml With Custom App
123 views
Skip to first unread message
Joe Pond
Mar 11, 2015, 11:30:42 AM3/11/15
to simple...@googlegroups.com
I have a custom website that I'm planning on making a SP. I want users to be able to use SAML to authenticate.
I really haven't read much information about integrating simpleSAMLphp with applications. What is the best practice when doing this? Do you just modify simpleSAMLphp to save a session upon authentication, then redirect to your application?
Thanks,
Joe
Thijs Kinkhorst
Mar 11, 2015, 11:34:19 AM3/11/15
to simple...@googlegroups.com
Hi Joe,
simpleSAMLphp comes with a manual that contains the information you need
to configure simpleSAMLphp itself, but also how you integrate it with
your own application. See:
https://simplesamlphp.org/docs/stable/simplesamlphp-sp#section_6
Let us know if you have any specific questions after reading that.
Cheers,
Thijs
to configure simpleSAMLphp itself, but also how you integrate it with
your own application. See:
https://simplesamlphp.org/docs/stable/simplesamlphp-sp#section_6
Let us know if you have any specific questions after reading that.
Cheers,
Thijs
Peter Schober
Mar 11, 2015, 11:35:46 AM3/11/15
to simple...@googlegroups.com
* Joe Pond <joseph...@gmail.com> [2015-03-11 16:30]:
it's API.
So first install SSP, then configure it in an SP role (all according
to the documentation provided) and then use the SP API in your own code:
https://simplesamlphp.org/docs/stable/simplesamlphp-sp-api
Of course that'll only work if your own application is written in PHP.
If not there are alternative SAML SP implementations.
-peter
> I really haven't read much information about integrating simpleSAMLphp with
> applications. What is the best practice when doing this? Do you just
> modify simpleSAMLphp to save a session upon authentication, then redirect
> to your application?
You don't modify the SimpleSAMLphp source code, you integrate by using
> applications. What is the best practice when doing this? Do you just
> modify simpleSAMLphp to save a session upon authentication, then redirect
> to your application?
it's API.
So first install SSP, then configure it in an SP role (all according
to the documentation provided) and then use the SP API in your own code:
https://simplesamlphp.org/docs/stable/simplesamlphp-sp-api
Of course that'll only work if your own application is written in PHP.
If not there are alternative SAML SP implementations.
-peter
trooper1414
Mar 12, 2015, 3:58:15 PM3/12/15
to simple...@googlegroups.com, peter....@univie.ac.at
I did not want to start a new thread. I am a complete and when i say complete ...absolute noob. Here is what i am supposed to do:
Developed a website in html and was later told to incorporate SSO using simplesaml. I managed to install simplesamlphp on my server and get the testing done, added cert finger print etc....and authentication is working.
Now i am stuck in how to add the php code to my website. I did something stupid and renamed all my html pages to php. Each time i try to add the code it blanks out everything below it.
could someone guide me step by step, as to how to do it. I am sure this post might make you angry at my inexeperience but sadly i am all i have and this needs to be done. Thanks for your help in advance.
Peter Schober
Mar 12, 2015, 4:42:49 PM3/12/15
to simple...@googlegroups.com
* trooper1414 <sethi...@gmail.com> [2015-03-12 20:58]:
You can only integrate SimpleSAMLphp with PHP code, not with plain
HTML files.
> I managed to install simplesamlphp on my server and get the testing
> done, added cert finger print etc....and authentication is working.
Given your self-proclaimed status as an absolute noob that's
impressive, and either means you're a fast learner (or good
instruction follower) or that SimpleSAMLphp's documentation is
excellent. Or both.
> Now i am stuck in how to add the php code to my website. I did something
> stupid and renamed all my html pages to php. Each time i try to add the
> code it blanks out everything below it.
Well, then undo that renaming by renaming the back?
MS-Windows (also read the answers further below):
http://stackoverflow.com/questions/9885241/changing-all-files-extensions-in-a-folder-with-one-command-on-windows
UNIX and friends (bash), including Mac OS X:
http://stackoverflow.com/questions/1224766/how-do-i-rename-the-extension-for-a-batch-of-files/1225236#1225236
or here:
http://unix.stackexchange.com/questions/19654/changing-extension-to-multiple-files
> could someone guide me step by step, as to how to do it.
How to do what specifically?
What is it exactly you're trying to protect?
SimplesAMLphp /cannot/ protect (static) HTML files.
(There are other SAML implementations that can.)
If you're being requested to do that, feel free to refer those
instructing you that way to this message.
-peter
> Developed a website in html and was later told to incorporate SSO using
> simplesaml.
Taking that literally this cannot work.
> simplesaml.
You can only integrate SimpleSAMLphp with PHP code, not with plain
HTML files.
> I managed to install simplesamlphp on my server and get the testing
> done, added cert finger print etc....and authentication is working.
impressive, and either means you're a fast learner (or good
instruction follower) or that SimpleSAMLphp's documentation is
excellent. Or both.
> Now i am stuck in how to add the php code to my website. I did something
> stupid and renamed all my html pages to php. Each time i try to add the
> code it blanks out everything below it.
MS-Windows (also read the answers further below):
http://stackoverflow.com/questions/9885241/changing-all-files-extensions-in-a-folder-with-one-command-on-windows
UNIX and friends (bash), including Mac OS X:
http://stackoverflow.com/questions/1224766/how-do-i-rename-the-extension-for-a-batch-of-files/1225236#1225236
or here:
http://unix.stackexchange.com/questions/19654/changing-extension-to-multiple-files
> could someone guide me step by step, as to how to do it.
What is it exactly you're trying to protect?
SimplesAMLphp /cannot/ protect (static) HTML files.
(There are other SAML implementations that can.)
If you're being requested to do that, feel free to refer those
instructing you that way to this message.
-peter
trooper1414
Mar 12, 2015, 6:44:57 PM3/12/15
to simple...@googlegroups.com, peter....@univie.ac.at
On Thursday, March 12, 2015 at 1:42:49 PM UTC-7, Peter Schober wrote:
* trooper1414 <sethi...@gmail.com> [2015-03-12 20:58]:
> Developed a website in html and was later told to incorporate SSO using
> simplesaml.
Taking that literally this cannot work.
You can only integrate SimpleSAMLphp with PHP code, not with plain
HTML files.
> I managed to install simplesamlphp on my server and get the testing
> done, added cert finger print etc....and authentication is working.
Given your self-proclaimed status as an absolute noob that's
impressive, and either means you're a fast learner (or good
instruction follower) or that SimpleSAMLphp's documentation is
excellent. Or both.
> Now i am stuck in how to add the php code to my website. I did something
> stupid and renamed all my html pages to php. Each time i try to add the
> code it blanks out everything below it.
Well, then undo that renaming by renaming the back?
i apologize if i wasnt previously clear, but when i renamed the file to php from http, and added some php code for saml redirection in <html><body><?php //added code here >? and then ofcourse closed the html tags. But when i preview the site in the browser everything upto where the PHP code starts is available in the source, everything below that disappears.
MS-Windows (also read the answers further below):
http://stackoverflow.com/questions/9885241/changing-all-files-extensions-in-a-folder-with-one-command-on-windows
UNIX and friends (bash), including Mac OS X:
http://stackoverflow.com/questions/1224766/how-do-i-rename-the-extension-for-a-batch-of-files/1225236#1225236
or here:
http://unix.stackexchange.com/questions/19654/changing-extension-to-multiple-files
> could someone guide me step by step, as to how to do it.
How to do what specifically?
get my static site to point back to SAML for authentication (which basically is redirecting to our organizations two factor)
What is it exactly you're trying to protect?
SimplesAMLphp /cannot/ protect (static) HTML files. - we want the website to be behind our organizations two factor and i was using the simplesaml library to get that working
Peter Schober
Mar 13, 2015, 5:09:01 AM3/13/15
to simple...@googlegroups.com
* trooper1414 <sethi...@gmail.com> [2015-03-12 23:45]:
What exactly did you add? Calls to the SimpleSAMLpp API as per the
documentation? I could imagine embedding these into an existing HTML
page to cause issues, e.g. the infamous "headers already sent" error.
Look at your webserver's error log, or wherever PHP logs errors to
(depending on the deployment model, mod_php vs php-fpm etc.)
I'd start with PHP code alone first, i.e. start a file with
<?php
without any HTML in there, then add the SimpleSAMLphp API calls as
desired and see whether that works.
-peter
> i wasnt previously clear, but when i renamed the file to php from
> http, and added some php code for saml redirection in
> <html><body><?php //added code here >? and then ofcourse closed the
> html tags. But when i preview the site in the browser everything
> upto where the PHP code starts is available in the source,
> everything below that disappears.*
> http, and added some php code for saml redirection in
> <html><body><?php //added code here >? and then ofcourse closed the
> html tags. But when i preview the site in the browser everything
> upto where the PHP code starts is available in the source,
What exactly did you add? Calls to the SimpleSAMLpp API as per the
documentation? I could imagine embedding these into an existing HTML
page to cause issues, e.g. the infamous "headers already sent" error.
Look at your webserver's error log, or wherever PHP logs errors to
(depending on the deployment model, mod_php vs php-fpm etc.)
I'd start with PHP code alone first, i.e. start a file with
<?php
without any HTML in there, then add the SimpleSAMLphp API calls as
desired and see whether that works.
-peter
Reply all
Reply to author
Forward
0 new messages