
ae/oneloginsaml-bundle
======================

OneLogin SAML Bundle for Symfony2

v2.1.1 (6y ago), MIT, PHP


[Source](https://github.com/advisors-excel-llc/OneLoginSamlBundle) | [Packagist](https://packagist.org/packages/ae/oneloginsaml-bundle)


OneloginSamlBundle
==================


OneLogin SAML Bundle for Symfony.

Installation
------------


Install with composer

```
"require": {
    "ae/oneloginsaml-bundle": "dev-master"
}
```

Run composer update

```
composer update ae/oneloginsaml-bundle
```

Enable the bundle in `app/AppKernel.php`

```
$bundles = array(
    // ...
    new AE\OneLoginSamlBundle\AEOneLoginSamlBundle(),
);
```

Configuration
-------------


Configure SAML metadata in `app/config/config.yml`. Check  for more info.

```
ae_one_login_saml:
    # default is the config name, but can be anything. This is used in firewall and route config
    default:
        # Basic settings
        idp:
            entityId: 'http://id.example.com/saml2/idp/metadata.php'
            singleSignOnService:
                url: 'http://id.example.com/saml2/idp/SSOService.php'
                binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
            singleLogoutService:
                url: 'http://id.example.com/saml2/idp/SingleLogoutService.php'
                binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
            x509cert: ''
        sp:
            entityId: 'http://myapp.com/app_dev.php/saml/metadata'
            assertionConsumerService:
                url: 'http://myapp.com/app_dev.php/saml/acs'
                binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'
            singleLogoutService:
                url: 'http://myapp.com/app_dev.php/saml/logout'
                binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
        # Optional settings
        security:
            nameIdEncrypted:       false
            authnRequestsSigned:   false
            logoutRequestSigned:   false
            logoutResponseSigned:  false
            wantMessagesSigned:    false
            wantAssertionsSigned:  false
            wantNameIdEncrypted:   false
            requestedAuthnContext: true
            signMetadata: false
            wantXMLValidation: true
            signatureAlgorithm: 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'
            digestAlgorithm: 'http://www.w3.org/2000/09/xmldsig#sha1'
        contactPerson:
            technical:
                givenName: 'Tech User'
                emailAddress: 'techuser@example.com'
            support:
                givenName: 'Support User'
                emailAddress: 'supportuser@example.com'
        organization:
            en:
                name: 'Example'
                displayname: 'Example'
                url: 'http://example.com'
```

If you don't want to set `contactPerson` or `organization`, omit those parameters entirely rather than leaving them blank.
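
The sample values above do not require signed messages or signed assertions (`wantMessagesSigned`, `wantAssertionsSigned`), leave `x509cert` empty, use plain-HTTP endpoints and select SHA-1 for signatures and digests. A tightened variant of the `idp` and `security` blocks follows as an added example, not part of the bundle's README. Assumptions: the certificate value is a placeholder, the host names are the README's examples switched to HTTPS, and the `strict` key (a php-saml toolkit setting) is assumed to be accepted at this level by the bundle.

```yaml
ae_one_login_saml:
    default:
        # Assumption: php-saml's 'strict' setting is accepted here and passed
        # through by the bundle. php-saml enforces the want* requirements below,
        # and the Destination/Audience/Conditions checks, only in strict mode.
        strict: true
        idp:
            # Must match the entityId published in the IdP's metadata exactly
            entityId: 'https://id.example.com/saml2/idp/metadata.php'
            singleSignOnService:
                url: 'https://id.example.com/saml2/idp/SSOService.php'
                binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
            singleLogoutService:
                url: 'https://id.example.com/saml2/idp/SingleLogoutService.php'
                binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
            # Placeholder: the IdP's signing certificate; do not leave empty
            x509cert: '<IDP_SIGNING_CERT_BASE64>'
        security:
            # Require signatures on the responses, logout messages and
            # assertions this SP receives
            wantMessagesSigned:    true
            wantAssertionsSigned:  true
            # SHA-256 URIs in place of SHA-1 for anything the SP itself signs
            signatureAlgorithm: 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
            digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256'
            wantXMLValidation: true
```

If your IdP signs only the assertion and not the enclosing response, `wantMessagesSigned: true` will reject its responses in strict mode; in that case keep `wantAssertionsSigned: true` and configure the IdP to sign both where possible.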

Configure firewall and user provider in `app/config/security.yml`

```
security:
    # ...

    providers:
        saml_provider:
            # Basic provider instantiates a user with default roles
            saml:
                user_class: 'AppBundle\Entity\User'
                default_roles: ['ROLE_USER']

    firewalls:
        app:
            pattern:    ^/
            anonymous: true
            saml:
                # Tell the firewall which SAML config to use, defaults to 'default'
                config: default
                # Match SAML attribute 'uid' with username.
                # Uses getNameId() method by default.
                username_attribute: uid
                check_path: /saml/default/acs
                login_path: /saml/default/login
            logout:
                # Path should be /saml/[CONFIG NAME]/logout
                path: /saml/default/logout

    access_control:
        - { path: ^/saml/default/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/saml/default/metadata, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: ROLE_USER }
```

Edit your `app/config/routing`

```
ae_saml_sp:
    resource: "@AEOneLoginSamlBundle/Resources/config/routing.yml"
```

Inject SAML attributes into User object (Optional)
--------------------------------------------------


Your user class must implement `SamlUserInterface`

```
