2017 © Pedro Peláez
 

library shib-auth-bundle

Shibboleth based (federated SAML) user authentication bundle

image

niif/shib-auth-bundle

Shibboleth based (federated SAML) user authentication bundle

  • Wednesday, May 30, 2018
  • by gyufi
  • Repository
  • 6 Watchers
  • 0 Stars
  • 1,384 Installations
  • PHP
  • 0 Dependents
  • 0 Suggesters
  • 0 Forks
  • 1 Open issues
  • 11 Versions
  • 8 % Grown

The README.md

The bundle provides the authentication security token to users who authenticate via Shibboleth SP apache implementation., (*1)

Then you can implement access control as symfony does., (*2)

You must implement your own user provider, this bundle not working without them., (*3)

Install

Install the bundle by composer, (*4)

composer require niif/shib-auth-bundle, (*5)

Update app/AppKernel.php, (*6)

$bundles = array(
            ...
            new Niif\ShibAuthBundle\NiifShibAuthBundle(),
            ...
        );

Configure the shibboleth bundle., (*7)

update your app/config/config.yml, (*8)

...
niif_shib_auth: ~
# niif_shib_auth:
    # baseURL:           "%shib_auth_base_url%" # optional, have default value:  /Shibboleth.sso/
    # sessionInitiator:  "%shib_auth_session_initiator%" # optional, have default value: Login
    # logoutPath:        "%shib_auth_logout_path%" # optional, have default value: Logout
    # logoutReturnPath:  "%shib_auth_logout_return_path%" # optional, have default value: "/" you should use absolute url, or named symfony route too.
    # usernameAttribute: "%shib_auth_username_attribute%" # optional, have default value: REMOTE_USER
    # moduleAttribute:   "%shib_auth_module_attribute%" # optional, the name of the server variable for ensure shibboleth session exist default: HTTP_SHIB_APPLICATION_ID
...

then add new firewall rule, (*9)

in app/config/security.yml, (*10)

    ...
    providers:
        ...
        shibboleth:
            id: shibboleth.user.provider
        ...
    ...
    firewalls:
        ...            
        main:
            guard:
                authenticators:
                    - niif_shib_auth.shib_authenticator
        logout:
                path:   /logout
                target: /
                invalidate_session: true
                success_handler: niif_shib_auth.shib_authenticator
        ...

You should create a simple the logout action in any controller:, (*11)

```php /** * @Route("/logout") * @Template() * @return \Symfony\Component\HttpFoundation\RedirectResponse */ public function logoutAction() { return $this->redirect($this->generateUrl('logged_out')); }, (*12)


# Impersonate The authenticator support the impersonate feature. in `app/config/security.yml` ```yaml ... providers: ... shibboleth: id: shibboleth.user.provider in_memory: memory: ~ ... ... firewalls: ... switch_user: { provider: in_memory } main: guard: authenticators: - niif_shib_auth.shib_authenticator logout: path: /logout target: / invalidate_session: true success_handler: niif_shib_auth.shib_authenticator ...

Simulate shibboleth authentication in development environment

When you develop an application you shoud simulate shibboleth authentication anyhow. You can do it in apache config, after enable headers and env modules:, (*13)

        Alias /my_app /home/me/my_app/web
        <Directory /home/me/my_app/web>
           Options Indexes FollowSymLinks
           AllowOverride All
           Require all granted           
           SetEnv Shib-Person-uid myuid
           SetEnv Shib-EduPersonEntitlement urn:oid:whatever
           RequestHeader append Shib-Identity-Provider "fakeIdPId"
           RequestHeader append eppn "myeppn"
        </Directory>

The Versions

30/05 2018

dev-master

9999999-dev

Shibboleth based (federated SAML) user authentication bundle

  Sources   Download

MIT

by Gyula Szabó
by Tamás Dévai

30/05 2018

v1.2.6

1.2.6.0

Shibboleth based (federated SAML) user authentication bundle

  Sources   Download

MIT

by Gyula Szabó
by Tamás Dévai

15/01 2018

v1.2.5

1.2.5.0

Shibboleth based (federated SAML) user authentication bundle

  Sources   Download

MIT

by Gyula Szabó
by Tamás Dévai

30/06 2017

v1.2.4

1.2.4.0

Shibboleth based (federated SAML) user authentication bundle

  Sources   Download

MIT

by Gyula Szabó
by Tamás Dévai

16/02 2017

v1.2.3

1.2.3.0

Shibboleth based (federated SAML) user authentication bundle

  Sources   Download

MIT

by Gyula Szabó
by Tamás Dévai

16/02 2017

v1.2.2

1.2.2.0

Shibboleth based (federated SAML) user authentication bundle

  Sources   Download

MIT

by Gyula Szabó
by Tamás Dévai

10/10 2016

1.2.1

1.2.1.0

Shibboleth based (federated SAML) user authentication bundle

  Sources   Download

MIT

by Gyula Szabó
by Tamás Dévai

13/09 2016

1.2.0

1.2.0.0

Shibboleth based (federated SAML) user authentication bundle

  Sources   Download

MIT

by Gyula Szabó
by Tamás Dévai

31/08 2016

v1.1.1

1.1.1.0

Shibboleth based (federated SAML) user authentication bundle

  Sources   Download

MIT

by Gyula Szabó
by Tamás Dévai

24/08 2016

v1.1.0

1.1.0.0

Shibboleth based (federated SAML) user authentication bundle

  Sources   Download

MIT

by Gyula Szabó
by Tamás Dévai

06/05 2016

v1.0.0

1.0.0.0

Shibboleth based (federated SAML) user authentication bundle

  Sources   Download

MIT

by Tamás Dévai