ivan-novakov/ZfcShib

Usage example

juriansluiman opened this issue · 1 comments

Hi Ivan,

I need to get a SAML implementation going in my zf2 app and found this module. Do you have any example how to get this going? As far as I know, somewhere I have to specify the identity provider and I cannot see an example of that in your README.

I am quite unfamiliar with SAML, but I guess if a user is not logged in, he should be redirected to the identity provider's login page. Will this piece of code do that?

$adapter = new \ZfcShib\Authentication\Adapter\Shibboleth(array(
    'id_attr_name' => 'eppn', 
    'user_attr_names' => array(
        'eppn', 
        'cn', 
        'mail'
    )
));

$result = $adapter->authenticate();

As you state, system_attr_names is optional, but I have to specify the IP url there?

$adapter = new \ZfcShib\Authentication\Adapter\Shibboleth(array(
    'id_attr_name' => 'eppn', 
    'user_attr_names' => array(
        'eppn', 
        'cn', 
        'mail'
    ),
    'system_attr_names' => array(
        'Shib-Identity-Provider' => 'https://idp.example.org/idp/shibboleth'
    )
));

$result = $adapter->authenticate();

Or if the user is not authenticated, the result will be a failure and I have to redirect the user to https://idp.example.org/idp/login or so myself? Also, how can $_SERVER come into play here, shouldn't it be the Zend\Http\Request?

As you see, I am quite uncertain about SAML :)

The module expects that Shibboleth Service Provider is installed and properly configured. It handles all the SAML communication and makes users' attributes available as _SERVER variables.

So the module just checks those variables and uses them to specify the user's identity.

Probably I should add more information about Shibboleth and its configuration.
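The flow described in the reply above, as an added sketch that is not part of the original thread and is not ZfcShib's own code: the Shibboleth SP has already done the SAML exchange, so the application only reads the variables it exposes. The function names, the returned array layout, the IdP check and the `/Shibboleth.sso/Login` handler path (the SP's default, assumed unchanged here) are assumptions made for this illustration.

```php
<?php
// Added illustration, not ZfcShib code. All function names are hypothetical.

/**
 * Build an identity from the variables a Shibboleth SP exposes to PHP.
 * $server is normally $_SERVER; it is a parameter so the logic can be tested.
 * Returns null when there is no usable SP session.
 */
function identityFromSp(array $server, string $idAttr, array $userAttrs, ?string $expectedIdp = null): ?array
{
    // No identifying attribute: the SP has not established a session.
    if (!isset($server[$idAttr]) || $server[$idAttr] === '') {
        return null;
    }
    // Optional check that the session was issued by the IdP we expect.
    if ($expectedIdp !== null && ($server['Shib-Identity-Provider'] ?? '') !== $expectedIdp) {
        return null;
    }
    $identity = array('id' => $server[$idAttr], 'attributes' => array());
    foreach ($userAttrs as $name) {
        if (isset($server[$name]) && $server[$name] !== '') {
            $identity['attributes'][$name] = $server[$name];
        }
    }
    return $identity;
}

/** Login URL on the SP itself; the SP, not the application, redirects to the IdP. */
function spLoginUrl(string $returnPath): string
{
    // Only accept a local path as the return target, never an absolute URL.
    if ($returnPath === '' || $returnPath[0] !== '/' || strpos($returnPath, '//') === 0) {
        $returnPath = '/';
    }
    return '/Shibboleth.sso/Login?target=' . rawurlencode($returnPath);
}

// Constructed sample input standing in for $_SERVER.
$withSession = array(
    'eppn' => 'jdoe@example.org',
    'cn'   => 'Jane Doe',
    'mail' => 'jdoe@example.org',
    'Shib-Identity-Provider' => 'https://idp.example.org/idp/shibboleth',
    'REQUEST_URI' => '/account',
);
$noSession = array('REQUEST_URI' => '/account');

foreach (array($withSession, $noSession) as $server) {
    $identity = identityFromSp($server, 'eppn', array('eppn', 'cn', 'mail'), 'https://idp.example.org/idp/shibboleth');
    echo $identity ? 'user ' . $identity['id'] : 'redirect to ' . spLoginUrl($server['REQUEST_URI']), "\n";
}
```

These variables are only trustworthy when every request to the application passes through the SP-protected web server; anything that can reach PHP without going through it can supply its own values.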