Simplesamlphp service provider

saml
ucs-4-4

#1

Hi,

I’m trying to connect Mediawiki via SimpleSAMLPhp. I’ve installed the package “simplesamlphp” on the member server.

But the SimpleSAMLPhp shipped by this package seems to be incomplete:

Failed opening required '/etc/simplesamlphp/lib/_autoload.php'

Have someone ever tried to configure SAML login based on simplesamlphp for an App installed on UCS?

Cheers,
SirTux


#2

Ok I’ve configured the wrong path. It has to be

/usr/share/simplesamlphp

But in the www folder the sp part seems to be missing.


#3

Ok in the end it was a layer 8 problem. I’ve forgotten to run

a2enconf simplesamlphp
systemctl restart apache2

Also it was necessary to change the store.type in /etc/simplesamlphp/config.php. I’ve configured the SQL backend with MariaDB.

Also it’s necessary to create the file /etc/simplesamlphp/metadata/saml20-idp-remote.php:

 <?php
$metadata['https://ucs-sso.top2.top1/simplesamlphp/saml2/idp/metadata.php'] = array (
  'description'          => 'SAML Login',
  'SingleSignOnService'  => 'https://ucs-sso.top2.top1/simplesamlphp/saml2/idp/SSOService.php',
  'certificate'      => '/usr/share/simplesamlphp/cert/ucs-sso.top2.top1-idp-certificate.crt',
  'SingleLogoutService'  => 'https://ucs-sso.top2.top1/simplesamlphp/saml2/idp/SingleLogoutService.php',
);

/etc/simplesamlphp/config.php:


    'mediawiki' => array(
                'saml:SP',

                // The entity ID of this SP.
                // Can be NULL/unset, in which case an entity ID is generated based on the metadata URL.
                'entityID' => 'mediawiki',

                // The entity ID of the IdP this should SP should contact.
                // Can be NULL/unset, in which case the user will be shown a list of available IdPs.
                'idp' => 'https://ucs-sso.top2.top1/simplesamlphp/saml2/idp/metadata.php',

                // The URL to the discovery service.
                // Can be NULL/unset, in which case a builtin discovery service will be used.
                'discoURL' => NULL,
    ),