Skip to content

chtitux/sfSAMLPlugin

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

33 Commits
config
config
 
 
lib
lib
 
 
modules/sfSAMLAuth
modules/sfSAMLAuth
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
package.xml
package.xml
 
 

Repository files navigation

README

sfSAMLPlugin is a symfony plugin that allow you to interface SAML with sfDoctrineGuardPlugin.

sfSAMLPlugin uses simpleSAMLPhp ( http://simplesamlphp.org/ ) for dealing with the Identity Provider (IdP). With sfSAMLPlugin, you symfony application is a Service Provider (SP).

Installation

If you want to install sfSAMLPlugin, follow these steps :

  1. get the source there : https://github.com/chtitux/sfSAMLPlugin , decompress it in the plugins/ directory

  2. Install sfDoctrineGuardPlugin (just download it and put it in the plugins/ directoy in your symfony application)

  3. Download SimpleSAMLphp and decompress it in the lib/vendor/ directory

  4. Add these lines in the config/ProjectConfiguration.php :

    <?php

class ProjectConfiguration extends sfProjectConfiguration
{
    public function setup()
    {
    $this->enablePlugins('sfDoctrinePlugin');
    
    // Add these 4 following lines :
    $this->enablePlugins('sfDoctrineGuardPlugin');
    $this->enablePlugins('sfSAMLPlugin');
    // Load simpleSAMLphp
    require_once dirname(FILE).'/../lib/vendor/simplesamlphp/lib/_autoload.php';
  }
}

  5. In the apps/frontend/config/settings.yml , enable at least the modules sfGuardAuth and sfSAMLAuth. You can enable all the modules of sfDoctrineGuardPlugin like that :

    all:
  .settings:
[...]
    # Enable modules
    enabled_modules:        [default, sfGuardAuth, sfSAMLAuth, sfGuardGroup, sfGuardUser, sfGuardPermission]

  6. In your lib/vendor/simplesamlphp/config/config.php Change the config name to "symfony" like that :

       <?php
   // ...
   'session.phpsession.cookiename'  => "symfony",

  7. Configure your IdP in simplesamlphp/metadata/saml20-idp-remote.php

  8. simpleSAMLphp must be visible from the web (the user will be redirected to it). You have to add the following line in your Apache config :

    Alias /simplesaml /home/data/www/login/lib/vendor/simplesamlphp/www

  9. Change the class that extends myUser to sfGuardSecurityUser :

    <?php

class myUser extends sfGuardSecurityUser
{
}

  10. You have to create a database and a sfGuardUser table. sfSAMLPlugin add a sfGuardUser in the database

  11. You can test it with the default routes : /saml/login for login, /saml/logout for logout

  12. You can add the default login/logout routes at the end of apps/frontend/config/settings.yml

      .actions:
    login_module:    sfGuardAuth
    login_action:    signin

And it should work !

About

Symfony Plugin for Authentification with SAML and simpleSAMLPhp

github.com/chtitux/sfSAMLPlugin

Resources

Readme

License

View license
Activity

Stars

9 stars

Watchers

2 watching

Forks

3 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages