Goal getting ADFS to work withing simplesamlphp.
This tutorial is quite bare bones. I will be adding more later (sharepoint2013 + SimpleSamlphp Idp using ADFS)
Requirement:
Make sure you have simplesamlphp installed
cd /simpelsamlphp
touch enable module/adfs/enable
touch enable module/exampleauth/enable
This tutorial is quite bare bones. I will be adding more later (sharepoint2013 + SimpleSamlphp Idp using ADFS)
Requirement:
Make sure you have simplesamlphp installed
cd /simpelsamlphp
touch enable module/adfs/enable
touch enable module/exampleauth/enable
Configure files config
location: config
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| 'example-userpass' => array( | |
| 'exampleauth:UserPass', | |
| // Give the user an option to save their username for future login attempts | |
| // And when enabled, what should the default be, to save the username or not | |
| //'remember.username.enabled' => FALSE, | |
| //'remember.username.checked' => FALSE, | |
| 'student:studentpass' => array( | |
| 'uid' => array('test'), | |
| 'eduPersonAffiliation' => array('member', 'student'), | |
| ), | |
| 'employee:employeepass' => array( | |
| 'uid' => array('employee'), | |
| 'eduPersonAffiliation' => array('member', 'employee'), | |
| ), | |
| ), | |
| ?> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| 'example-userpass' => array( | |
| 'exampleauth:UserPass', | |
| // Give the user an option to save their username for future login attempts | |
| // And when enabled, what should the default be, to save the username or not | |
| //'remember.username.enabled' => FALSE, | |
| //'remember.username.checked' => FALSE, | |
| 'student:studentpass' => array( | |
| 'uid' => array('test'), | |
| 'eduPersonAffiliation' => array('member', 'student'), | |
| ), | |
| 'employee:employeepass' => array( | |
| 'uid' => array('employee'), | |
| 'eduPersonAffiliation' => array('member', 'employee'), | |
| ), | |
| ), | |
| ?> |
Configure files for wsfed-sp
Location: metadata
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * WS-Federation SP configuration for simpleSAMLphp. | |
| * | |
| * Required fields: | |
| * - host | |
| */ | |
| $metadata['__DYNAMIC:1__'] = array( | |
| 'host' => '__DEFAULT__' | |
| ); | |
| ?> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| //needed for adfs remote | |
| $metadata['myidentity.com'] = array ( | |
| 'prp' => 'https://myidentity.com/simplesaml/module.php/adfs/idp/prp.php', | |
| 'certificate' => 'myidentity.com.pem', | |
| ?> |
Configure files for adfs-ip
location: metadata
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $metadata['myidentity.com'] = array( | |
| 'host' => '__DEFAULT__', | |
| /* | |
| * The hostname of the server (VHOST) that will use this SAML entity. | |
| * | |
| * Can be '__DEFAULT__', to use this entry by default. | |
| */ | |
| //'host' => 'myidentity.com', | |
| /* X.509 key and certificate. Relative to the cert directory. */ | |
| 'privatekey' => 'myidentity.com.key', | |
| 'certificate' => 'myidentity.com.pem', | |
| /* needed this for sharepoint config(is yet to come) */ | |
| /* | |
| * Authentication source to use. Must be one that is configured in | |
| * 'config/authsources.php'. | |
| */ | |
| 'auth' => 'example-static', | |
| 22 => 'saml:NameIDAttribute', | |
| 60 => array( | |
| 'class' => 'core:TargetedID', | |
| 'nameId' => TRUE, | |
| ), | |
| 'metadata.sign.enable' => FALSE, | |
| 98 => array('class' => 'core:AttributeMap', 'name2claim'), | |
| ?> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $metadata['urn:federation:myidentity.com'] = array( | |
| 'prp' => 'https://myidentity.com/simplesaml/wsfed/sp/prp.php', | |
| 'authproc' => array( | |
| 50 => array( | |
| 'class' => 'core:AttributeLimit', | |
| 'cn', 'mail', 'uid', 'eduPersonAffiliation','memberOf' | |
| ), | |
| ), | |
| ?> |
Test using the :
https://myidentity.com/simplesaml/example-simple/wsfed-example.php
Con gratz, on your adfs idp & wsfed sp
Up next sharepoint 2013 + Simplesamlphp ADFS IdP
Up next sharepoint 2013 + Simplesamlphp ADFS IdP
Your amazing insightful information entails much to me and especially to my peers. ExcelR Data Scientist Course In Pune
BeantwoordenVerwijderen