PHPackages niif/shibboleth-user-provider-bundle - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. niif/shibboleth-user-provider-bundle ActiveSymfony-bundle[Authentication & Authorization](/categories/authentication) niif/shibboleth-user-provider-bundle ==================================== General UserProvider bundle for shibboleth bundle 041PHP Since Mar 3Pushed 8y ago5 watchersCompare [ Source](https://github.com/NIIF/ShibbolethUserProviderBundle)[ Packagist](https://packagist.org/packages/niif/shibboleth-user-provider-bundle)[ RSS](/packages/niif-shibboleth-user-provider-bundle/feed)WikiDiscussions master Synced 3w ago READMEChangelogDependenciesVersions (1)Used By (0) The bundle provides roles for authenticated users according SAML entitlement attributes in $\_SERVER variables. You can define regexp for ROLE\_ADMIN, ROLE\_USER, ROLE\_GUEST and ROLE\_whatever what you get from entitlement value. Then you can implement access control as symfony does. Install ======= [](#install) Insert lines above to `composer.json`: ``` ... "repositories": [ { "type": "vcs", "url": "git@dev.niif.hu:gyufi/shibbolethuserproviderbundle.git" } ], ... ``` Install the bundle, ``` composer require niif/shibboleth-user-provider-bundle ``` Update `app/AppKernel.php` ``` $bundles = array( ... new KULeuven\ShibbolethBundle\ShibbolethBundle(), new Niif\ShibbolethUserProviderBundle\NiifShibbolethUserProviderBundle(), ... ); ``` Configure the shibboleth bundle as you see in . Configure the user provider. - *entitlement\_serverparameter*, the key of the $\_SERVER array, that contain the users role values. **Required** - *entitlement\_prefix*, the prefix of the role, for example *urn:geant:niif.hu:hexaa:40:* **Required** - *generate\_custom\_roles*, generate roles with the entitlement value, for example *ROLE\_customer* from *urn:geant:niif.hu:hexaa:40:customer* entitlement. Default is `FALSE`. - *custom\_role\_prefix*, the prefix of custom role if exists. For example *urn:geant:niif.hu:hexaa:40:org:sztaki* the prefix is *org:* and the role will be: ROLE\_sztaki. Default `""`. - *custom\_additional\_role*, if exists, the role is taking to user if has custom role, typically ROLE\_USER. Default: `ROLE_USER`. - *admin\_role\_regexp*, what value is the ROLE\_ADMIN. Default is `/^admin$/` - *user\_role\_regexp*, what value is the ROLE\_USER. Default is `/^user$/` - *guest\_role\_regexp*, what value is the ROLE\_GUEST. Default is `/^guest$/` update your `app/config/config.yml` ``` ... niif_shibboleth_user_provider: entitlement_serverparameter: %shibboleth_user_provider_entitlement_serverparameter% entitlement_prefix: %shibboleth_user_provider_entitlement_prefix% generate_custom_roles: %shibboleth_user_provider_generate_custom_roles% # custom_role_prefix: %shibboleth_user_provider_custom_role_prefix% # custom_additional_role: %shibboleth_user_provider_custom_additional_role% # admin_role_regexp: %shibboleth_user_provider_admin_role_regexp% # user_role_regexp: %shibboleth_user_provider_user_role_regexp% # guest_role_regexp: %shibboleth_user_provider_guest_role_regexp% ... ``` ``` custom_additional_role: true entitlement_prefix the value |-------------------------| |------| value from federation: urn:geant:niif.hu:hexaa:40:org:customer |--| custom_role_prefix The result: {ROLE_customer} ``` in `app/config/parameters.yml` ``` parameters ... shibboleth_user_provider_entitlement_serverparameter: edupersonentitlement shibboleth_user_provider_entitlement_prefix: urn:oid: shibboleth_user_provider_generate_custom_roles: true ... ``` in `app/config/security.yml` ``` ... providers: ... shibboleth: id: shibboleth.user.provider ... ... firewalls: ... secured_area: pattern: ^/ shibboleth: true logout: path: /logout target: https://www.example.com/logged_out success_handler: security.logout.handler.shibboleth ... ``` Simulate shibboleth authentication in development environment ============================================================= [](#simulate-shibboleth-authentication-in-development-environment) When you develop an application you shoud simulate shibboleth authentication anyhow. You can do it in apache config, after enable *headers* and *env* modules: ``` Alias /my_app /home/me/my_app/web Options Indexes FollowSymLinks AllowOverride All Require all granted SetEnv Shib-Person-uid myuid SetEnv Shib-EduPersonEntitlement urn:oid:whatever RequestHeader append Shib-Identity-Provider "fakeIdPId" RequestHeader append eppn "myeppn" ``` ### Health Score 20 — LowBetter than 13% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity4 Limited adoption so far Community12 Small or concentrated contributor base Maturity41 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/dbd1543568948482a6229c1c07ddcc76c71254d0d5c63c024a967222857c33bd?d=identicon)[gyufi](/maintainers/gyufi) ![](https://www.gravatar.com/avatar/b8bab3c1b234f0732268e672b7acc23549b3819e445c2fddc7de385dbac40e4d?d=identicon)[kukkjanos](/maintainers/kukkjanos) ![](https://www.gravatar.com/avatar/58cf0b44aa083da212f27d6c89a3ba7b0716079d39f2d2d845d4997d61e93571?d=identicon)[northway](/maintainers/northway) --- Top Contributors [![szabogyula](https://avatars.githubusercontent.com/u/3406217?v=4)](https://github.com/szabogyula "szabogyula (17 commits)") ### Embed Badge ![Health badge](/badges/niif-shibboleth-user-provider-bundle/health.svg) ``` [![Health](https://phpackages.com/badges/niif-shibboleth-user-provider-bundle/health.svg)](https://phpackages.com/packages/niif-shibboleth-user-provider-bundle) ``` ### Alternatives [kartik-v/yii2-password Useful password strength validation utilities for Yii Framework 2.0 761.2M17](/packages/kartik-v-yii2-password) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)