Enabling simpleSAMLphp as an OpenID Provider

463 views
Skip to first unread message

Ales Cernivec

unread,
May 28, 2012, 6:38:06 AM5/28/12
to simple...@googlegroups.com
Hi,

I am trying to configure SimpleSAMLphp 1.9.0-rc2 to act as OpenID
provider. After creating config/module_openidProvider.php:

----
/**
* Configuration file for the OpenID provider.
*/

$config = array(

/* The authentication source that should be used. */
'auth' => 'contrailauth',

/* The name of the attribute which contains the username of the user. */
'username_attribute' => 'username',

/* The directory where OpenID data is stored. */
'filestore' => '/var/lib/simplesamlphp-openid-provider',
);
----
,
enabling openidProvider module, AS (contrailauth) is working as it should, I am getting these errors in /var/log/apache2:

[Mon May 28 10:26:37 2012] [error] [client xx.xxx.xxx.xxx] PHP Fatal error: Class 'SimpleSAML_Logger_LoggingHandlerFile' not found in /usr/share/simplesamlphp-1.9.0-rc2/lib/Auth/OpenID/Server.php on line 1709, referer: https://ec2-xx-xx-xxx-xxx.compute-1.amazonaws.com/simplesaml/module.php/core/frontpage_auth.php

Any idea what is causing these issues? Have I missed anything?

Thank you,

Kind Regards,
Ales.


Olav Morken

unread,
May 29, 2012, 3:20:30 AM5/29/12
to simple...@googlegroups.com
You may be hitting the following PHP bug:

https://bugs.php.net/bug.php?id=47987

Try adding something like:

SimpleSAML_Logger::error('test');

to the beginning of "simplesaml/modules/code/www/frontpage_auth.php",
and see what error you get in that case.

Best regards,
Olav Morken
UNINETT / Feide

Ales Cernivec

unread,
May 29, 2012, 3:59:39 AM5/29/12
to simple...@googlegroups.com
Hi Olav,

You are right. After I have edited /etc/php5/apache2/php.ini and
changed allow_call_time_pass_reference variable from Off to On, it works
as expected. I suggest mentioning this fact in the documentation
http://simplesamlphp.org/docs/1.9/openidProvider:provider

It worries me this fact (in the php.ini):
"Passing values by reference at function call time is a deprecated
feature which will be removed from PHP at some point in the near
future."

Thank you.

Regards,
Ales.

Olav Morken

unread,
May 30, 2012, 3:01:55 AM5/30/12
to simple...@googlegroups.com
On Tue, May 29, 2012 at 09:59:39 +0200, Ales Cernivec wrote:
> Hi Olav,
>
> You are right. After I have edited /etc/php5/apache2/php.ini and
> changed allow_call_time_pass_reference variable from Off to On, it works
> as expected. I suggest mentioning this fact in the documentation
> http://simplesamlphp.org/docs/1.9/openidProvider:provider
>
> It worries me this fact (in the php.ini):
> "Passing values by reference at function call time is a deprecated
> feature which will be removed from PHP at some point in the near
> future."

The underlying problem is that the upstream OpenID library has not
fixed this issue yet.

I have now committed two "fixes", which should make this problem go
away. (If not fix the underlying cause -- basically it is just hiding
the errors.) With a bit of luck a future version of the OpenID library
should properly fix this. (I believe this warning turns into a fatal
error in PHP 5.4.)
Reply all
Reply to author
Forward
0 new messages