ktbartholomew
commented
7 years ago It could be more straightforward to use https://github.com/onelogin/php-saml instead of hacking up SimpleSAMLPHP to behave the way we want it to.
Open ktbartholomew opened 8 years ago
ktbartholomew
commented
7 years ago It could be more straightforward to use https://github.com/onelogin/php-saml instead of hacking up SimpleSAMLPHP to behave the way we want it to.
Currently, we've hijacked bits of the SSP web interface to do the actual consumption of SAML assertions, but that's limiting what we can do with multisite because we have to bend to several of SSP's assumptions about how things are organized (namely, storing certificates in files).
There may be some lower-level methods within SSP that can be used to parse assertions while still allowing us to customize other parts of the workflow.
Doing this would probably also fix https://github.com/ktbartholomew/saml-20-single-sign-on/issues/2