0
我們正在測試simplesamlphp與ADFS/Shiboleth的使用。沒有idp使用simplesamlphp與symfony2綁定
我已經成功地使用了'vanilla'simplesamlphp。然而,我們需要與Symfony2的工作 - 即這束:https://github.com/hslavich/SimplesamlphpBundle
我們已經配置,但越來越試圖測試通過simplesamlphp IDP和SP(我們使用的是https://www.testshib.org/ IDP)時表示沒有身份提供商 - 「選擇身份提供商'頁面
我們沒有收到任何錯誤,並且運行狀況檢查運行正常,所以似乎所有配置都不是idp連接。元數據從simplesaml php中的idp轉換爲github和simplesaml上的文檔。
希望這是一個明顯的問題,對其他symfony包的任何想法或建議表示歡迎。
乾杯
authsouources.php
$config = array(
// This is a authentication source which handles admin authentication.
'admin' => array(
// The default is to use core:AdminPassword, but it can be replaced with
// any authentication source.
'core:AdminPassword',
),
// An authentication source which can authenticate against both SAML 2.0
// and Shibboleth 1.3 IdPs.
'default-sp' => array(
'saml:SP',
'privatekey' => '/etc/httpd/ssl/cert.key',
'certificate' => '/etc/httpd/ssl/key.crt',
// The entity ID of this SP.
// Can be NULL/unset, in which case an entity ID is generated based on the metadata URL.
'entityID' => 'https://idp.testshib.org/idp/shibboleth',
// The entity ID of the IdP this should SP should contact.
// Can be NULL/unset, in which case the user will be shown a list of available IdPs.
'idp' => null,
// The URL to the discovery service.
// Can be NULL/unset, in which case a builtin discovery service will be used.
'discoURL' => null,
)
);
saml20-IDP-remote.php
<?php
$metadata['https://idp.testshib.org/idp/shibboleth'] = array (
'entityid' => 'https://idp.testshib.org/idp/shibboleth',
'description' =>
array (
'en' => 'TestShib Two Identity Provider',
),
'OrganizationName' =>
array (
'en' => 'TestShib Two Identity Provider',
),
'name' =>
array (
'en' => 'TestShib Test IdP',
),
'OrganizationDisplayName' =>
array (
'en' => 'TestShib Two',
),
'url' =>
array (
'en' => 'http://www.testshib.org/testshib-two/',
),
'OrganizationURL' =>
array (
'en' => 'http://www.testshib.org/testshib-two/',
),
'contacts' =>
array (
0 =>
array (
'contactType' => 'technical',
'givenName' => 'Nate',
'surName' => 'Klingenstein',
'emailAddress' =>
array (
0 => '[email protected]',
),
),
),
'metadata-set' => 'saml20-idp-remote',
'SingleSignOnService' =>
array (
0 =>
array (
'Binding' => 'urn:mace:shibboleth:1.0:profiles:AuthnRequest',
'Location' => 'https://idp.testshib.org/idp/profile/Shibboleth/SSO',
),
1 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
'Location' => 'https://idp.testshib.org/idp/profile/SAML2/POST/SSO',
),
2 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
'Location' => 'https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO',
),
3 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP',
'Location' => 'https://idp.testshib.org/idp/profile/SAML2/SOAP/ECP',
),
),
'SingleLogoutService' =>
array (
),
'ArtifactResolutionService' =>
array (
0 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding',
'Location' => 'https://idp.testshib.org:8443/idp/profile/SAML1/SOAP/ArtifactResolution',
'index' => 1,
),
1 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP',
'Location' => 'https://idp.testshib.org:8443/idp/profile/SAML2/SOAP/ArtifactResolution',
'index' => 2,
),
),
'NameIDFormats' =>
array (
0 => 'urn:mace:shibboleth:1.0:nameIdentifier',
1 => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
),
'keys' =>
array (
0 =>
array (
'encryption' => true,
'signing' => true,
'type' => 'X509Certificate',
'X509Certificate' => '
MIIEDjCCAvagAwIBAgIBADANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJVUzEV
MBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1cmdoMREwDwYD
VQQKEwhUZXN0U2hpYjEZMBcGA1UEAxMQaWRwLnRlc3RzaGliLm9yZzAeFw0wNjA4
MzAyMTEyMjVaFw0xNjA4MjcyMTEyMjVaMGcxCzAJBgNVBAYTAlVTMRUwEwYDVQQI
EwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBpdHRzYnVyZ2gxETAPBgNVBAoTCFRl
c3RTaGliMRkwFwYDVQQDExBpZHAudGVzdHNoaWIub3JnMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEArYkCGuTmJp9eAOSGHwRJo1SNatB5ZOKqDM9ysg7C
yVTDClcpu93gSP10nH4gkCZOlnESNgttg0r+MqL8tfJC6ybddEFB3YBo8PZajKSe
3OQ01Ow3yT4I+Wdg1tsTpSge9gEz7SrC07EkYmHuPtd71CHiUaCWDv+xVfUQX0aT
NPFmDixzUjoYzbGDrtAyCqA8f9CN2txIfJnpHE6q6CmKcoLADS4UrNPlhHSzd614
kR/JYiks0K4kbRqCQF0Dv0P5Di+rEfefC6glV8ysC8dB5/9nb0yh/ojRuJGmgMWH
gWk6h0ihjihqiu4jACovUZ7vVOCgSE5Ipn7OIwqd93zp2wIDAQABo4HEMIHBMB0G
A1UdDgQWBBSsBQ869nh83KqZr5jArr4/7b+QazCBkQYDVR0jBIGJMIGGgBSsBQ86
9nh83KqZr5jArr4/7b+Qa6FrpGkwZzELMAkGA1UEBhMCVVMxFTATBgNVBAgTDFBl
bm5zeWx2YW5pYTETMBEGA1UEBxMKUGl0dHNidXJnaDERMA8GA1UEChMIVGVzdFNo
aWIxGTAXBgNVBAMTEGlkcC50ZXN0c2hpYi5vcmeCAQAwDAYDVR0TBAUwAwEB/zAN
BgkqhkiG9w0BAQUFAAOCAQEAjR29PhrCbk8qLN5MFfSVk98t3CT9jHZoYxd8QMRL
I4j7iYQxXiGJTT1FXs1nd4Rha9un+LqTfeMMYqISdDDI6tv8iNpkOAvZZUosVkUo
93pv1T0RPz35hcHHYq2yee59HJOco2bFlcsH8JBXRSRrJ3Q7Eut+z9uo80JdGNJ4
/SJy5UorZ8KazGj16lfJhOBXldgrhppQBb0Nq6HKHguqmwRfJ+WkxemZXzhediAj
Geka8nz8JjwxpUjAiSWYKLtJhGEaTqCYxCCX2Dw+dOTqUzHOZ7WKv4JXPK5G/Uhr
8K/qhmFT2nIQi538n6rVYLeWj8Bbnl+ev0peYzxFyF5sQA==
',
),
),
'scope' =>
array (
0 => 'testshib.org',
),
'UIInfo' =>
array (
'DisplayName' =>
array (
'en' => 'TestShib Test IdP',
),
'Description' =>
array (
'en' => 'TestShib IdP. Use this as a source of attributes
for your test SP.',
),
'InformationURL' =>
array (
),
'PrivacyStatementURL' =>
array (
),
'Logo' =>
array (
0 =>
array (
'url' => 'https://www.testshib.org/testshibtwo.jpg',
'height' => 88,
'width' => 253,
),
),
),
);
我不明白這兩個文件是如何相關的捆綁?你如何實際加載配置? – xabbuh