swisscom / simplesamlserviceprovider
Neos Flow package containing a SAML service provider based on SimpleSAMLphp.
Type: neos-package
Requires
- neos/flow: ^6.0 || ^7.0 || ^8.0
- simplesamlphp/simplesamlphp: ^2.0
This package is auto-updated.
Last update: 2025-05-29 01:14:15 UTC
README
Neos Flow SAML authentication package containing a SAML service provider based on SimpleSAMLphp.
Installation
Cf: https://simplesamlphp.org/docs/2.4/simplesamlphp-install.html
Install this package via composer. It will add simplesamlphp/simplesamlphp as dependency.
Think of the SimpleSAMLphp installation as an application inside your Flow application. Therefore, have a look at "Installing SimpleSAMLphp in alternative locations".
Apache
- Create the symlink Web/simplesamlphp -> ../Packages/Libraries/simplesamlphp/simplesamlphp/public
- Patch the Apache .htaccess configuration so that it does not rewrite simplesamlphp and sets the SIMPLESAMLPHP_CONFIG_DIR environment variable. There is a patch for you: htaccess.patch
Nginx
For Nginx, you don't need a symlink.
- Use the configuration from here: Configuring Nginx
- Adapt the alias to the absolute path of your installation.
As a starting point for the configuration, copy the example structure to the SIMPLESAMLPHP_CONFIG_DIR under Configuration/SimpleSamlPhp/
Sample setup
As a sample and for test purposes, the serverless SAML identity provider Samling can be configured in its most basic form as follows:
mkdir Configuration/SimpleSamlPhp/metadata
cp Packages/Libraries/simplesamlphp/simplesamlphp/metadata/saml20-idp-remote.php.dist Configuration/SimpleSamlPhp/metadata/saml20-idp-remote.php
Add the following metadata config to Configuration/SimpleSamlPhp/metadata/saml20-idp-remote.php:
$metadata['https://fujifish.github.io/samling/samling.html'] = array(
    /* Configuration options for the first IdP. */
    'SingleSignOnService' => [
        [
            'Location' => 'https://fujifish.github.io/samling/samling.html',
            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
        ],
    ],
    'certificate' => 'samling.pub'
);
The certificate is copied from https://fujifish.github.io/samling/samling.html to the cert folder (see certdir in config.php).
Integration
Have a look into the package's Configuration/Settings.yaml and configure the entry points if needed.
The following setting has to match the authentication source configured in the SimpleSAMLphp authsources.php config file:
Swisscom:
  SimpleSamlServiceProvider:
    authSource: 'default-sp'
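A consistency check for the two requirements stated above: the authSource setting must name a key in authsources.php, and the certificate file referenced in saml20-idp-remote.php must exist in the cert folder. This is an added example, not part of the package or of SimpleSAMLphp; the function names are hypothetical, all four paths are supplied by the caller, and the files are matched with simple patterns rather than parsed.

```shell
#!/bin/sh
# Added example (not part of the package): consistency check for the setup above.
# The caller passes all four paths; the script assumes no directory layout.

# Print the authSource value found in a Flow Settings.yaml.
saml_auth_source() {
    sed -n "s/^[[:space:]]*authSource:[[:space:]]*['\"]\{0,1\}\([^'\"#[:space:]]*\).*/\1/p" "$1" | head -n 1
}

# Print the first 'certificate' file name found in saml20-idp-remote.php.
saml_idp_cert() {
    sed -n "s/.*['\"]certificate['\"][[:space:]]*=>[[:space:]]*['\"]\([^'\"]*\)['\"].*/\1/p" "$1" | head -n 1
}

# check_saml_setup SETTINGS_YAML AUTHSOURCES_PHP IDP_REMOTE_PHP CERT_DIR
# Returns 0 when the files agree, 1 otherwise; each problem is reported on stderr.
check_saml_setup() {
    rc=0
    src=$(saml_auth_source "$1")
    if [ -z "$src" ]; then
        echo "no authSource in $1" >&2; rc=1
    elif ! grep -Eq "^[[:space:]]*['\"]${src}['\"][[:space:]]*=>" "$2"; then
        echo "authSource '$src' is not a key in $2" >&2; rc=1
    fi
    cert=$(saml_idp_cert "$3")
    if [ -z "$cert" ]; then
        echo "no 'certificate' entry in $3" >&2; rc=1
    elif [ ! -s "$4/$cert" ]; then
        echo "certificate $4/$cert is missing or empty" >&2; rc=1
    fi
    return "$rc"
}

# Build a constructed sample tree in DIR (values taken from the snippets above).
make_sample_tree() {
    mkdir -p "$1/metadata" "$1/cert"
    printf "Swisscom:\n  SimpleSamlServiceProvider:\n    authSource: 'default-sp'\n" > "$1/Settings.yaml"
    printf "<?php\n\$config = [\n    'default-sp' => ['saml:SP'],\n];\n" > "$1/authsources.php"
    printf "<?php\n\$metadata['idp'] = [\n    'certificate' => 'samling.pub',\n];\n" > "$1/metadata/saml20-idp-remote.php"
    printf 'constructed placeholder, not a real certificate\n' > "$1/cert/samling.pub"
}

# Run as a command when given the four paths.
if [ "$#" -eq 4 ]; then check_saml_setup "$@"; fi
```

The check only confirms that the certificate file is present and non-empty; it does not validate the certificate itself.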