Topic on Extension talk:SimpleSAMLphp/Flow

Where is the SP and IdP Metadata config?

4
WikiManBanx (talkcontribs)

Hello,

In examples I have seen to get this up and running, there is mention of authSourceId as default-sp (inside of $wgPluggableAuth_Config). Where is default-sp configured? There is also mention of a config.php file but I cannot find this in the installation folder for the simplesamlphp extension. Specifically, I am missing how to setup the SP metadata and also, ingest the IdP metadata into mediawiki for SAML authentication. Any help will be greatly appreciated, thank you.

This is where I am so far

wfLoadExtension( 'PluggableAuth' );

$wgPluggableAuth_EnableAutoLogin = true;

$wgPluggableAuth_EnableLocalLogin = true; //false

$wgPluggableAuth_EnableLocalProperties = false;

$wgGroupPermissions['*']['autocreateaccount'] = true;

# adding SimpleSAMLphp extension

wfLoadExtension( 'SimpleSAMLphp' );

# SimpleSAMLphp install directory. Required.

$wgSimpleSAMLphp_InstallDir = '/extensions/SimpleSAMLphp/src';

$wgPluggableAuth_Config['Log in using Banks SAML'] = [

    'plugin' =>   'SimpleSAMLphp',

    'data'   => [

'authSourceId'      => 'default-sp',

'usernameAttribute' => '...emailaddress',

'realNameAttribute' => '...name',

'emailAttribute'    => '...emailaddress'

                ]

];

@Cindy.cicalese

Really sorry for tagging you Cindy if I am not supposed to. I am doing so because I see you an author for SimpleSamlphp and really need help. Thank you.

Note: took out the preceding part of the user attributes cause my topic was being warned as having spam links

Cindy.cicalese (talkcontribs)
WikiManBanx (talkcontribs)

That makes sense! Thank you Cindy! Will give that a go and ask any questions I have after, if any.

WikiManBanx (talkcontribs)

Thank you very much (I think Osnard also responded). I had no idea simplesamlphp (the mediawiki extension) is different from simplesamlphp (from simplesaml.org). Since then, I have installed SimpleSAMLphp in my application at /var/simplesamlphp (version 2.2.1). But I get an error when trying to hit the admin page of simplesamlphp. Logs show a 500 error when trying to GET /mediawiki/var/simplesamlphp/public/module.php. Any help will be appreciated.

I also get this error when I try to login with SAML

PHP Deprecated: Creation of dynamic property Less_Tree_Dimension::$parensInOp is deprecated in /mediawiki/vendor/wikimedia/less.php/lib/Less/Parser.php

Here are relevant contents of my LocalSettings.php file

# adding PluggableAuth extension

wfLoadExtension( 'PluggableAuth' );

$wgPluggableAuth_EnableAutoLogin = true;

$wgPluggableAuth_EnableLocalLogin = true; //false

$wgPluggableAuth_EnableLocalProperties = false;

$wgGroupPermissions['*']['autocreateaccount'] = true;

#adding SimpleSAMLphp extension

wfLoadExtension( 'SimpleSAMLphp' );

#SimpleSAMLphp install directory. Required.

$wgSimpleSAMLphp_InstallDir = 'var/simplesaml';

// SAML AuthENTICATION (Tell Mediawiki "WHO" the user "IS")

$wgPluggableAuth_Config['Log in using SAML'] = [

    'plugin' =>   'SimpleSAMLphp',

    'data'   => [

'authSourceId'      => 'default-sp',

'usernameAttribute' => 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress',

'realNameAttribute' => 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name',

'emailAttribute'    => 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'

                ]

];

Reply to "Where is the SP and IdP Metadata config?"