KNF:SimpleSAMLphp-sp/en: verschil tussen versies

Uit Kennisnet Developers Documentatie
Ga naar: navigatie, zoeken
(Installation)
(Configuration)
Regel 8: Regel 8:
 
# [http://simplesamlphp.org/docs/stable/simplesamlphp-sp Quickstart document SimpleSAMLphp]
 
# [http://simplesamlphp.org/docs/stable/simplesamlphp-sp Quickstart document SimpleSAMLphp]
   
===Configuration===
+
==Step 2: Configuration==
 
The Entree Federation requires a couple of specific configurations within SimpleSAMLphp.<br/>
 
The Entree Federation requires a couple of specific configurations within SimpleSAMLphp.<br/>
 
'''NOTE''' The following examples are additions or changes to the original. The php tags are not included.
 
'''NOTE''' The following examples are additions or changes to the original. The php tags are not included.

Versie van 15 aug 2018 om 10:08

KNF-symbol.png Kennisnet Federation: SimpleSAMLphp-sp

Nl.gif Nederlands En.gif English


Step 1: Installation

  1. Installation documentation SimpleSAMLphp
  2. Quickstart document SimpleSAMLphp

Step 2: Configuration

The Entree Federation requires a couple of specific configurations within SimpleSAMLphp.
NOTE The following examples are additions or changes to the original. The php tags are not included.

authsources.php

    'default-sp' => array(
        'saml:SP',
        
        // Insert your application entityID (usually the unique url of your service)   
        'entityID' => 'http://domainname.com',
        
        // Certificate generated in step 1.1 in the Quickstart
        'privatekey' => 'saml.pem',
        'certificate' => 'saml.crt',

        // Changing the standard menu for Identity Providers to the Entree Federation menu
        // NOTE: The configuration below is set for the Entree staging environment. When going live the value should be changed to aselect.entree.kennisnet.nl
        'idp' => 'aselect-s.entree.kennisnet.nl',

        // Changing the Entree Federation attribute formats
        'NameIDFormat' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',
        'AttributeNameFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified',

        // Optional configuration to enable pre-login which than can be called by the Identity provider
        // 'IDPList' => array( 'entityidofidp', ),
        // 'ProxyCount' => 1,
    ),

config.php

        // The path through which simpleSAMLphp is available. This should match with the Alias location in the webserver configuration
        'baseurlpath'           => 'simplesaml/',

        // Change the standard password for the webinterface!!! 
        'auth.adminpassword'          => '!123456!',

        // Insert your own contact information
        'technicalcontact_name'     => 'Servicedesk Kennisnet',
        'technicalcontact_email'    => 'servicedesk@kennisnet.nl',