You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
SimpleSAMLphp: What version are you using? => 2.0.0
PHP: What version are you using? => 8.1
Platform: unix or Windows? => Dev: Windows / Productive: Unix
Webserver: Apache/Nginx/ISS? => Apache
Describe the bug
I want to use the existing Login Page of our website for saml authentication. If the user is already logged on our website, he/she should be automatically authenticated to the SP.
I tried to do the following steps:
I created an External Auth Source and in the "getUser" function I wanted to check if our custom Login Session exists, which means the user is logged in. But somehow I cannot access my own Sessions during the authentication process. I tried to use the session_write_close() function before calling any SAML functions.
... to get my custom Sessions, but nothing works. The only thing I get is the SimpleSAMLphp_SESSION.
I'm kinda new to SAML - so maybe I'm doing anything wrong, I'm not sure tbh.
I just want to use the ID of the current user (which is stored in a Session) in the "getUser" function. Or is it possible to append custom params to the requireAuth function? I tried it but it doesn't work either.
The text was updated successfully, but these errors were encountered:
That's not really the way SAML works, or at least getting it to work the way you describe will be really hard work.
SAML has a central authentication server (IDP, "Identity Provider") which has the passwords / does the authentication, and one or more web servers (SP, "Service Providers") which trust the IDP. In that model, your existing web server would be a "Service Provider" (ie. client of the authentication server - IDP). The IDP should have the login page, the SPs trust the IDP.
I'm assuming your existing website has a database (or something like that) which you're doing authentication against at the moment, and you more care about not moving the source data more that you actually care which server the page is hosted on. I'd change your setup so that your web server is an SP, and write an authentication module / plugin for SimpleSAMLphp to query your existing website database (or whatever the authentication backend for your website is) to actually do the authentication. If it's simple enough, you might be able to use one of the bundled authentication modules,
Specifics of your environment
Describe the bug
I want to use the existing Login Page of our website for saml authentication. If the user is already logged on our website, he/she should be automatically authenticated to the SP.
I tried to do the following steps:
I created an External Auth Source and in the "getUser" function I wanted to check if our custom Login Session exists, which means the user is logged in. But somehow I cannot access my own Sessions during the authentication process. I tried to use the session_write_close() function before calling any SAML functions.
In getUser() I tried to call these functions...
... to get my custom Sessions, but nothing works. The only thing I get is the SimpleSAMLphp_SESSION.
I'm kinda new to SAML - so maybe I'm doing anything wrong, I'm not sure tbh.
I just want to use the ID of the current user (which is stored in a Session) in the "getUser" function. Or is it possible to append custom params to the requireAuth function? I tried it but it doesn't work either.
The text was updated successfully, but these errors were encountered: