
SimpleSAMLphp is a tool for enabling single sign-on, where one website authenticates (logs in) users for multiple other websites. You can find more information here: https://simplesamlphp.org. Hopefully, this tutorial will give you a good start before you dive into their documentation, which can be confusing and intimidating for newbies.

Terminology
Here are some abbreviations I’ll use and what they mean:
- (SSO) Single Sign On: the simple concept of having one website handle user logins for multiple websites.
- (IDP) Identity Provider: the one website that stores user names and passwords to handle logins.
- (SP) Service Provider: any of the other websites that use the IDP for authentication.
- (SAML) Security Assertion Markup Language: a protocol used to implement SSO.
- (Shib) Shibboleth: an extension of the SAML protocol. Usually compatible with SAML.
SimpleSAMLphp supports SAML 2.0 and Shib 1.3.

What This Tutorial Covers
- Installing SimpleSAMLphp
- Configure An IDP With Shibboleth 1.3
- Configure An SP With SAML 2.0

What You Need For This Tutorial
If you’re just trying to set up an SP that will integrate with someone else’s IDP, all you need is the following information:
- The IDP’s Entity ID
- The URL where the IDP’s metadata can be downloaded
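
Before wiring an SP to someone else's IDP, it is worth confirming that the metadata you downloaded really describes the Entity ID you were given. The following is an added example, not part of the original tutorial or of SimpleSAMLphp; the function name, the idp.example.org host and the sample metadata are constructed for illustration.

```python
import xml.etree.ElementTree as ET

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"

# Constructed sample metadata; idp.example.org is a placeholder, not a real IDP.
SAMPLE_METADATA = b"""<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://idp.example.org/saml2/idp/metadata.php">
  <md:IDPSSODescriptor
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleSignOnService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://idp.example.org/saml2/idp/SSOService.php"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def check_idp_metadata(xml_bytes, expected_entity_id):
    """Return the IDP's sign-on URLs, or raise ValueError if the metadata
    does not describe the IDP we were told to expect."""
    # SAML metadata never needs a DTD; refusing one avoids entity-expansion input.
    if b"<!DOCTYPE" in xml_bytes:
        raise ValueError("metadata contains a DOCTYPE")
    root = ET.fromstring(xml_bytes)
    # iter() also yields the root, so this covers a single EntityDescriptor
    # as well as a list of them wrapped in an EntitiesDescriptor.
    for entity in root.iter(f"{{{MD_NS}}}EntityDescriptor"):
        if entity.get("entityID") != expected_entity_id:
            continue
        idp = entity.find(f"{{{MD_NS}}}IDPSSODescriptor")
        if idp is None:
            raise ValueError("entity is present but is not an IDP")
        services = idp.findall(f"{{{MD_NS}}}SingleSignOnService")
        urls = [s.get("Location", "") for s in services]
        # Users are sent to these URLs to log in, so plain HTTP is rejected.
        insecure = [u for u in urls if not u.startswith("https://")]
        if insecure:
            raise ValueError(f"sign-on endpoint not on HTTPS: {insecure}")
        return urls
    raise ValueError("expected entity ID not found in metadata")


if __name__ == "__main__":
    entity_id = "https://idp.example.org/saml2/idp/metadata.php"
    print(check_idp_metadata(SAMPLE_METADATA, entity_id))
```

Download the real metadata over HTTPS, since the same file normally carries the IDP's signing certificate.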
Otherwise, if you plan on setting up both an IDP and an SP, you will need 2 domain names.
The IDP and SP need to store separate browser cookies. Being on the same domain causes their cookies to conflict, and it won’t work. You can use…