simpleSAMLphp

http://virtuallyhyper.com/2013/05/set-up-simplesamlphp-as-an-idp-to-be-u...

https://login.waspa.org.za/simplesaml/saml2/idp/SSOService.php?spentityi...

Logout page in App:
(https://login.waspa.org.za/simplesaml/saml2/idp/initSLO.php?RelayState=/...)

apt-get install simplesamlphp
a2enconf simplesamlphp
service apache2 restart
nano /etc/simplesamlphp/config.php and set the following:
'enable.saml20-idp' => true,

cd /etc/ssl
mkdir saml
cd saml
openssl genrsa -des3 -out googleappsidp.key 2048 (pass: ********)
openssl rsa -in googleappsidp.key -out googleappsidp.pem
openssl req -new -key googleappsidp.key -out googleappsidp.csr
openssl x509 -req -days 9999 -in googleappsidp.csr -signkey googleappsidp.key -out googleappsidp.crt

touch /usr/share/simplesamlphp/modules/exampleauth/enable

nano /etc/simplesamlphp/authsources.php and add the following section under the example-userpass section:
// exampleauth:UserPass entries have the form 'username:password' => attributes; the password is stored in clear text in this file.
'example-userpass' => array( 'exampleauth:UserPass',
                'jeffatwaspa [dot] net [dot] za:w4sp4gsu1t3' => array( 'uid' => array('jeffatwaspa [dot] net [dot] za'),),),

cp /usr/share/doc/simplesamlphp/examples/metadata-templates/saml20-idp-hosted.php /etc/simplesamlphp/metadata/
nano /etc/simplesamlphp/metadata/saml20-idp-hosted.php and add/amend the following:

<?php
$metadata['__DYNAMIC:1__'] = array(
    // The hostname of the server (VHOST) that this SAML entity will use.
    'host'              =>  'waspa.org.za',

    // X.509 key and certificate. Absolute paths are used here; bare file names would be resolved relative to the cert directory.
    'privatekey'   => '/etc/ssl/saml/googleappsidp.pem',
    'certificate'  => '/etc/ssl/saml/googleappsidp.crt',

    'auth' => 'example-userpass',
);

nano /etc/simplesamlphp/metadata/saml20-sp-remote.php
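
A check for the output of the openssl steps above, added here as an example (not part of the original post): it confirms that the certificate belongs to the passphrase-free key referenced in saml20-idp-hosted.php and that the key file is not readable by every local user. The function name check_idp_keypair and its return codes are assumptions of this example.

```shell
#!/bin/sh
# Added example: sanity-check the key pair that saml20-idp-hosted.php
# points at. check_idp_keypair is a hypothetical helper name.
# Return codes: 0 ok, 1 key/cert mismatch, 2 key world-accessible,
# 3 unreadable or unparsable input.
check_idp_keypair() {
    key=$1
    crt=$2
    if [ ! -r "$key" ] || [ ! -r "$crt" ]; then
        echo "cannot read $key or $crt" >&2
        return 3
    fi

    # Derive the public key from each file. "-passin pass:" makes a
    # passphrase-protected key fail here instead of prompting.
    key_pub=$(openssl pkey -in "$key" -passin pass: -pubout 2>/dev/null) || {
        echo "$key is not an unencrypted PEM private key" >&2
        return 3
    }
    crt_pub=$(openssl x509 -in "$crt" -noout -pubkey 2>/dev/null) || {
        echo "$crt is not a PEM certificate" >&2
        return 3
    }
    if [ "$key_pub" != "$crt_pub" ]; then
        echo "certificate $crt was not issued for key $key" >&2
        return 1
    fi

    # The .pem written by "openssl rsa" has no passphrase, so file
    # permissions are its only protection. Columns 8-10 of ls -l are
    # the "other" rwx bits.
    other_bits=$(ls -ld "$key" | cut -c8-10)
    if [ "$other_bits" != "---" ]; then
        echo "$key is accessible to all local users ($other_bits)" >&2
        return 2
    fi

    # Report the expiry date so renewal can be scheduled.
    openssl x509 -in "$crt" -noout -enddate
}

# Run as a script:
#   sh check.sh /etc/ssl/saml/googleappsidp.pem /etc/ssl/saml/googleappsidp.crt
if [ "$#" -eq 2 ]; then
    check_idp_keypair "$1" "$2"
fi
```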
 
