2016-01-15 3 views

Nous testons l'utilisation de simpleSAMLphp avec ADFS/Shibboleth. Aucun IdP n'est proposé lorsque simpleSAMLphp est utilisé avec le bundle Symfony2.

J'ai utilisé avec succès le 'vanilla' simplesamlphp. Cependant, nous devons travailler avec Symfony2 - à savoir ce paquet: https://github.com/hslavich/SimplesamlphpBundle

Nous l'avons configuré, mais aucun fournisseur d'identité ne nous est présenté sur la page « Votre fournisseur d'identité » lorsque nous essayons de tester l'IdP et le SP via simpleSAMLphp (nous utilisons l'IdP https://www.testshib.org/).

Nous n'obtenons pas d'erreurs et la vérification d'intégrité fonctionne correctement, donc tout semble être configuré, à l'exception de la connexion à l'IdP. Les métadonnées de l'IdP ont été converties au format simpleSAMLphp en suivant la documentation sur GitHub et celle de simpleSAMLphp.

En espérant qu'il s'agisse d'un problème évident ; toutes les idées, ou des suggestions d'autres bundles Symfony, sont les bienvenues.

Merci

authsources.php

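$config = array(

    // Authentication source that handles admin authentication.
    'admin' => array(
        // core:AdminPassword is the default; any other authentication
        // source can be substituted here.
        'core:AdminPassword',
    ),

    // Service-provider (SP) source which can authenticate against both
    // SAML 2.0 and Shibboleth 1.3 IdPs.
    'default-sp' => array(
        'saml:SP',

        // Private key and certificate for this SP.
        // NOTE(review): the file names look swapped (a key in "cert.key",
        // a certificate in "key.crt") - confirm each option points at the
        // right file, and that the private key is readable only by the
        // account the web server runs as.
        // NOTE(review): both files sit in the web server's SSL directory; if
        // this is the site's TLS key pair, consider a dedicated SAML key pair
        // so the two can be rotated independently.
        'privatekey' => '/etc/httpd/ssl/cert.key',
        'certificate' => '/etc/httpd/ssl/key.crt',

        // The entity ID of this SP.
        // It must identify the SP itself. The previous value,
        // 'https://idp.testshib.org/idp/shibboleth', is the entity ID of the
        // remote IdP, so the SP was presenting itself under the IdP's
        // identity. Left NULL, an entity ID is generated from the metadata
        // URL; if the installed SimpleSAMLphp version requires an explicit
        // value, use a URI under this SP's own control and register the same
        // value with the IdP.
        'entityID' => null,

        // The entity ID of the IdP this SP should contact.
        // NULL/unset means the user is shown a list of available IdPs, so
        // the remote IdP metadata must be loadable for that list to contain
        // anything.
        'idp' => null,

        // The URL of the discovery service.
        // NULL/unset means the builtin discovery service is used.
        'discoURL' => null,
    ),

);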

saml20-idp-remote.php

<?php 

// Remote SAML 2.0 IdP entry for the TestShib test IdP, keyed by the IdP's
// entity ID. The nested layout below is left exactly as pasted.
// NOTE(review): presumably this file has to live in the metadata directory of
// the SimpleSAMLphp installation that the Symfony bundle actually loads;
// if it is read from elsewhere the IdP list would stay empty - confirm.
$metadata['https://idp.testshib.org/idp/shibboleth'] = array (
    // Repeats the array key above; the two values are identical here.
    'entityid' => 'https://idp.testshib.org/idp/shibboleth', 
    'description' => 
    array (
    'en' => 'TestShib Two Identity Provider', 
), 
    'OrganizationName' => 
    array (
    'en' => 'TestShib Two Identity Provider', 
), 
    'name' => 
    array (
    'en' => 'TestShib Test IdP', 
), 
    'OrganizationDisplayName' => 
    array (
    'en' => 'TestShib Two', 
), 
    // Informational links only; note they are plain http:// URLs.
    'url' => 
    array (
    'en' => 'http://www.testshib.org/testshib-two/', 
), 
    'OrganizationURL' => 
    array (
    'en' => 'http://www.testshib.org/testshib-two/', 
), 
    'contacts' => 
    array (
    0 => 
    array (
     'contactType' => 'technical', 
     'givenName' => 'Nate', 
     'surName' => 'Klingenstein', 
     'emailAddress' => 
     array (
     0 => '[email protected]', 
    ), 
    ), 
), 
    // Names the metadata set this entry belongs to.
    'metadata-set' => 'saml20-idp-remote', 
    // Single sign-on endpoints listed for the IdP, one entry per binding.
    'SingleSignOnService' => 
    array (
    0 => 
    array (
     'Binding' => 'urn:mace:shibboleth:1.0:profiles:AuthnRequest', 
     'Location' => 'https://idp.testshib.org/idp/profile/Shibboleth/SSO', 
    ), 
    1 => 
    array (
     'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST', 
     'Location' => 'https://idp.testshib.org/idp/profile/SAML2/POST/SSO', 
    ), 
    2 => 
    array (
     'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 
     'Location' => 'https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO', 
    ), 
    3 => 
    array (
     'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP', 
     'Location' => 'https://idp.testshib.org/idp/profile/SAML2/SOAP/ECP', 
    ), 
), 
    // Empty: no single-logout endpoint is listed for this IdP.
    'SingleLogoutService' => 
    array (
), 
    'ArtifactResolutionService' => 
    array (
    0 => 
    array (
     'Binding' => 'urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding', 
     'Location' => 'https://idp.testshib.org:8443/idp/profile/SAML1/SOAP/ArtifactResolution', 
     'index' => 1, 
    ), 
    1 => 
    array (
     'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP', 
     'Location' => 'https://idp.testshib.org:8443/idp/profile/SAML2/SOAP/ArtifactResolution', 
     'index' => 2, 
    ), 
), 
    'NameIDFormats' => 
    array (
    0 => 'urn:mace:shibboleth:1.0:nameIdentifier', 
    1 => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient', 
), 
    // The IdP's X.509 certificate, flagged for both signing and encryption.
    // Presumably this is what the SP checks signed IdP messages against, so
    // it should be copied only from metadata obtained over an authenticated
    // channel and never edited by hand.
    // NOTE(review): the encoded validity period appears to end in August 2016
    // and the signature algorithm looks like SHA-1 with RSA - compare with
    // the IdP's currently published metadata before relying on it.
    'keys' => 
    array (
    0 => 
    array (
     'encryption' => true, 
     'signing' => true, 
     'type' => 'X509Certificate', 
     'X509Certificate' => ' 
          MIIEDjCCAvagAwIBAgIBADANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJVUzEV 
          MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMREwDwYD 
          VQQKEwhUZXN0U2hpYjEZMBcGA1UEAxMQaWRwLnRlc3RzaGliLm9yZzAeFw0wNjA4 
          MzAyMTEyMjVaFw0xNjA4MjcyMTEyMjVaMGcxCzAJBgNVBAYTAlVTMRUwEwYDVQQI 
          EwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBpdHRzYnVyZ2gxETAPBgNVBAoTCFRl 
          c3RTaGliMRkwFwYDVQQDExBpZHAudGVzdHNoaWIub3JnMIIBIjANBgkqhkiG9w0B 
          AQEFAAOCAQ8AMIIBCgKCAQEArYkCGuTmJp9eAOSGHwRJo1SNatB5ZOKqDM9ysg7C 
          yVTDClcpu93gSP10nH4gkCZOlnESNgttg0r+MqL8tfJC6ybddEFB3YBo8PZajKSe 
          3OQ01Ow3yT4I+Wdg1tsTpSge9gEz7SrC07EkYmHuPtd71CHiUaCWDv+xVfUQX0aT 
          NPFmDixzUjoYzbGDrtAyCqA8f9CN2txIfJnpHE6q6CmKcoLADS4UrNPlhHSzd614 
          kR/JYiks0K4kbRqCQF0Dv0P5Di+rEfefC6glV8ysC8dB5/9nb0yh/ojRuJGmgMWH 
          gWk6h0ihjihqiu4jACovUZ7vVOCgSE5Ipn7OIwqd93zp2wIDAQABo4HEMIHBMB0G 
          A1UdDgQWBBSsBQ869nh83KqZr5jArr4/7b+QazCBkQYDVR0jBIGJMIGGgBSsBQ86 
          9nh83KqZr5jArr4/7b+Qa6FrpGkwZzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBl 
          bm5zeWx2YW5pYTETMBEGA1UEBxMKUGl0dHNidXJnaDERMA8GA1UEChMIVGVzdFNo 
          aWIxGTAXBgNVBAMTEGlkcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN 
          BgkqhkiG9w0BAQUFAAOCAQEAjR29PhrCbk8qLN5MFfSVk98t3CT9jHZoYxd8QMRL 
          I4j7iYQxXiGJTT1FXs1nd4Rha9un+LqTfeMMYqISdDDI6tv8iNpkOAvZZUosVkUo 
          93pv1T0RPz35hcHHYq2yee59HJOco2bFlcsH8JBXRSRrJ3Q7Eut+z9uo80JdGNJ4 
          /SJy5UorZ8KazGj16lfJhOBXldgrhppQBb0Nq6HKHguqmwRfJ+WkxemZXzhediAj 
          Geka8nz8JjwxpUjAiSWYKLtJhGEaTqCYxCCX2Dw+dOTqUzHOZ7WKv4JXPK5G/Uhr 
          8K/qhmFT2nIQi538n6rVYLeWj8Bbnl+ev0peYzxFyF5sQA== 
         ', 
    ), 
), 
    'scope' => 
    array (
    0 => 'testshib.org', 
), 
    // Display strings and logo for the IdP; both URL lists below are empty.
    'UIInfo' => 
    array (
    'DisplayName' => 
    array (
     'en' => 'TestShib Test IdP', 
    ), 
    'Description' => 
    array (
     'en' => 'TestShib IdP. Use this as a source of attributes 
         for your test SP.', 
    ), 
    'InformationURL' => 
    array (
    ), 
    'PrivacyStatementURL' => 
    array (
    ), 
    'Logo' => 
    array (
     0 => 
     array (
     'url' => 'https://www.testshib.org/testshibtwo.jpg', 
     'height' => 88, 
     'width' => 253, 
    ), 
    ), 
), 
); 

Je ne comprends pas comment les deux fichiers sont liés au bundle. Comment chargez-vous réellement la configuration ? – xabbuh
