我们正在测试使用Simplesamlphp和ADFS / Shiboleth。
我已成功使用'vanilla'simplesamlphp。但是我们需要使用symfony2 - 即这个包:https://github.com/hslavich/SimplesamlphpBundle
我们已经配置但在尝试通过simplesamlphp测试idp和sp(我们使用https://www.testshib.org/ idp)时没有显示身份提供程序 - “选择您的身份提供商”页面
我们没有错误,并且完整性检查运行正常,因此所有似乎都配置为除了idp连接。根据github和simplesaml上的文档,元数据是从simplesaml php中的idp转换而来。
希望这是一个明显的问题,欢迎任何有关其他symfony捆绑的想法或建议。
干杯
authsouources.php
$config = array(
// This is a authentication source which handles admin authentication.
'admin' => array(
// The default is to use core:AdminPassword, but it can be replaced with
// any authentication source.
'core:AdminPassword',
),
// An authentication source which can authenticate against both SAML 2.0
// and Shibboleth 1.3 IdPs.
'default-sp' => array(
'saml:SP',
'privatekey' => '/etc/httpd/ssl/cert.key',
'certificate' => '/etc/httpd/ssl/key.crt',
// The entity ID of this SP.
// Can be NULL/unset, in which case an entity ID is generated based on the metadata URL.
'entityID' => 'https://idp.testshib.org/idp/shibboleth',
// The entity ID of the IdP this should SP should contact.
// Can be NULL/unset, in which case the user will be shown a list of available IdPs.
'idp' => null,
// The URL to the discovery service.
// Can be NULL/unset, in which case a builtin discovery service will be used.
'discoURL' => null,
)
);
saml20-IDP-remote.php
<?php
$metadata['https://idp.testshib.org/idp/shibboleth'] = array (
'entityid' => 'https://idp.testshib.org/idp/shibboleth',
'description' =>
array (
'en' => 'TestShib Two Identity Provider',
),
'OrganizationName' =>
array (
'en' => 'TestShib Two Identity Provider',
),
'name' =>
array (
'en' => 'TestShib Test IdP',
),
'OrganizationDisplayName' =>
array (
'en' => 'TestShib Two',
),
'url' =>
array (
'en' => 'http://www.testshib.org/testshib-two/',
),
'OrganizationURL' =>
array (
'en' => 'http://www.testshib.org/testshib-two/',
),
'contacts' =>
array (
0 =>
array (
'contactType' => 'technical',
'givenName' => 'Nate',
'surName' => 'Klingenstein',
'emailAddress' =>
array (
0 => 'ndk@internet2.edu',
),
),
),
'metadata-set' => 'saml20-idp-remote',
'SingleSignOnService' =>
array (
0 =>
array (
'Binding' => 'urn:mace:shibboleth:1.0:profiles:AuthnRequest',
'Location' => 'https://idp.testshib.org/idp/profile/Shibboleth/SSO',
),
1 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
'Location' => 'https://idp.testshib.org/idp/profile/SAML2/POST/SSO',
),
2 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
'Location' => 'https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO',
),
3 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP',
'Location' => 'https://idp.testshib.org/idp/profile/SAML2/SOAP/ECP',
),
),
'SingleLogoutService' =>
array (
),
'ArtifactResolutionService' =>
array (
0 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding',
'Location' => 'https://idp.testshib.org:8443/idp/profile/SAML1/SOAP/ArtifactResolution',
'index' => 1,
),
1 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP',
'Location' => 'https://idp.testshib.org:8443/idp/profile/SAML2/SOAP/ArtifactResolution',
'index' => 2,
),
),
'NameIDFormats' =>
array (
0 => 'urn:mace:shibboleth:1.0:nameIdentifier',
1 => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
),
'keys' =>
array (
0 =>
array (
'encryption' => true,
'signing' => true,
'type' => 'X509Certificate',
'X509Certificate' => '
MIIEDjCCAvagAwIBAgIBADANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJVUzEV
MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMREwDwYD
VQQKEwhUZXN0U2hpYjEZMBcGA1UEAxMQaWRwLnRlc3RzaGliLm9yZzAeFw0wNjA4
MzAyMTEyMjVaFw0xNjA4MjcyMTEyMjVaMGcxCzAJBgNVBAYTAlVTMRUwEwYDVQQI
EwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBpdHRzYnVyZ2gxETAPBgNVBAoTCFRl
c3RTaGliMRkwFwYDVQQDExBpZHAudGVzdHNoaWIub3JnMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEArYkCGuTmJp9eAOSGHwRJo1SNatB5ZOKqDM9ysg7C
yVTDClcpu93gSP10nH4gkCZOlnESNgttg0r+MqL8tfJC6ybddEFB3YBo8PZajKSe
3OQ01Ow3yT4I+Wdg1tsTpSge9gEz7SrC07EkYmHuPtd71CHiUaCWDv+xVfUQX0aT
NPFmDixzUjoYzbGDrtAyCqA8f9CN2txIfJnpHE6q6CmKcoLADS4UrNPlhHSzd614
kR/JYiks0K4kbRqCQF0Dv0P5Di+rEfefC6glV8ysC8dB5/9nb0yh/ojRuJGmgMWH
gWk6h0ihjihqiu4jACovUZ7vVOCgSE5Ipn7OIwqd93zp2wIDAQABo4HEMIHBMB0G
A1UdDgQWBBSsBQ869nh83KqZr5jArr4/7b+QazCBkQYDVR0jBIGJMIGGgBSsBQ86
9nh83KqZr5jArr4/7b+Qa6FrpGkwZzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBl
bm5zeWx2YW5pYTETMBEGA1UEBxMKUGl0dHNidXJnaDERMA8GA1UEChMIVGVzdFNo
aWIxGTAXBgNVBAMTEGlkcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN
BgkqhkiG9w0BAQUFAAOCAQEAjR29PhrCbk8qLN5MFfSVk98t3CT9jHZoYxd8QMRL
I4j7iYQxXiGJTT1FXs1nd4Rha9un+LqTfeMMYqISdDDI6tv8iNpkOAvZZUosVkUo
93pv1T0RPz35hcHHYq2yee59HJOco2bFlcsH8JBXRSRrJ3Q7Eut+z9uo80JdGNJ4
/SJy5UorZ8KazGj16lfJhOBXldgrhppQBb0Nq6HKHguqmwRfJ+WkxemZXzhediAj
Geka8nz8JjwxpUjAiSWYKLtJhGEaTqCYxCCX2Dw+dOTqUzHOZ7WKv4JXPK5G/Uhr
8K/qhmFT2nIQi538n6rVYLeWj8Bbnl+ev0peYzxFyF5sQA==
',
),
),
'scope' =>
array (
0 => 'testshib.org',
),
'UIInfo' =>
array (
'DisplayName' =>
array (
'en' => 'TestShib Test IdP',
),
'Description' =>
array (
'en' => 'TestShib IdP. Use this as a source of attributes
for your test SP.',
),
'InformationURL' =>
array (
),
'PrivacyStatementURL' =>
array (
),
'Logo' =>
array (
0 =>
array (
'url' => 'https://www.testshib.org/testshibtwo.jpg',
'height' => 88,
'width' => 253,
),
),
),
);