PHPackages                             phantomwatson/cakephp-simple-saml - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. phantomwatson/cakephp-simple-saml

ActiveCakephp-plugin

phantomwatson/cakephp-simple-saml
=================================

SimpleSaml plugin for CakePHP

v0.1(5y ago)2215MITPHPPHP &gt;=7.2

Since Feb 18Pushed 5y ago1 watchersCompare

[ Source](https://github.com/PhantomWatson/cakephp-simple-saml)[ Packagist](https://packagist.org/packages/phantomwatson/cakephp-simple-saml)[ RSS](/packages/phantomwatson-cakephp-simple-saml/feed)WikiDiscussions master Synced 1w ago

READMEChangelogDependencies (5)Versions (2)Used By (0)

SimpleSaml plugin for CakePHP
=============================

[](#simplesaml-plugin-for-cakephp)

Installation
------------

[](#installation)

Until [this issue](https://github.com/simplesamlphp/simplesamlphp/issues/1273) is resolved, SimpleSAML is incompatible with CakePHP's Bake package, so cakephp/bake must be removed before installing.

```
composer remove cakephp/bake

```

Then:

```
composer require phantomwatson/cakephp-simple-saml

```

Add an authorization policy
---------------------------

[](#add-an-authorization-policy)

- Add [an authorization policy class](https://book.cakephp.org/authorization/2/en/policies.html) under `/src/Policy`. ([example policy](https://github.com/BallStateCBER/datacenter-plugin-cakephp4/blob/master/src/Policy/RequestPolicy.php))

Update `Application.php`
------------------------

[](#update-applicationphp)

- Have the `Application` class implement `AuthorizationServiceProviderInterface`
- Add these lines to `Application::bootstrap()`: ```
    $this->addPlugin('Authentication');
    $this->addPlugin('SimpleSaml');
    ```
- Add `getAuthorizationService()` and `getAuthenticationService()` methods, using the name of your policy class: ```
    /**
     * Returns the authorization service
     *
     * @param \Psr\Http\Message\ServerRequestInterface $request Server request
     * @return \Authorization\AuthorizationServiceInterface
     */
    public function getAuthorizationService(ServerRequestInterface $request): AuthorizationServiceInterface
    {
        $mapResolver = new MapResolver();
        $mapResolver->map(ServerRequest::class, YourPolicyClass::class);

        return new AuthorizationService($mapResolver);
    }

    /**
     * Returns a service provider instance.
     *
     * @param \Psr\Http\Message\ServerRequestInterface $request Request
     * @return \Authentication\AuthenticationServiceInterface
     */
    public function getAuthenticationService(ServerRequestInterface $request): AuthenticationServiceInterface
    {
        $service = new AuthenticationService();
        $loginUrl = '/login';

        // Define where users should be redirected to when they are not authenticated
        $service->setConfig([
            'unauthenticatedRedirect' => $loginUrl,
            'queryParam' => 'redirect',
        ]);

        $service->loadAuthenticator('Authentication.Session');
        $service->loadAuthenticator('SimpleSaml.SimpleSaml');

        // Load identifiers
        $service->loadIdentifier('Authentication.Token', [
            // The field in the database to check against
            'tokenField' => '',

            // The field in the passed data from the authenticator
            'dataField' => '',

            /* The OrmResolver will search the Users table for a record with a tokenField with the same value as
             * dataField */
            'resolver' => [
                'className' => OrmResolver::class,
                'userModel' => 'Users',
                'finder' => 'all',
            ]
        ]);

        return $service;
    }
    ```

    - Set the value of `tokenField` to the name of the database field to identify users with (e.g. `'sso-uuid'`)
    - Set the value of `dataField` to the name of the field in the data received from the authenticator (e.g. `'id'`)

Update `AppController.php`
--------------------------

[](#update-appcontrollerphp)

In `AppController::initialize()`, load the `SimpleSamlComponent` from the plugin:

```
$this->loadComponent('SimpleSaml.SimpleSaml', [
    //'authSource' => 'default-sp'
]);
```

Uncomment and change the value of `authSource` if needed.

Update User model
-----------------

[](#update-user-model)

Have `User` entity class [implement `IdentityInterface`](https://book.cakephp.org/authentication/2/en/identity-object.html#implementing-the-identityinterface-on-your-user-class)and add the `getIdentifier()` and `getOriginalData()` methods to it. ([example](https://github.com/BallStateCBER/datacenter-plugin-cakephp4/blob/master/src/Model/Entity/User.php))

Get SimpleSAML's /www directory ready for being accessed
--------------------------------------------------------

[](#get-simplesamls-www-directory-ready-for-being-accessed)

1. Set up a VirtualHost alias (or its equivalent in non-Apache servers) or a symlink for `/vendor/simplesamlphp/simplesamlphp/www`, named something like `/simplesaml`
2. Navigate to `/vendor/simplesamlphp/simplesamlphp` in the command line and run these two commands to download front-end dependencies and set up CSS and JS **(this assumes that NodeJS is installed on the server)**. ```
    npm install
    npm run build

    ```

Configuration
=============

[](#configuration)

1. Copy the SimpleSAML `/config-templates` directory to `/config/simplesaml` at the root of the project
2. Set the `SIMPLESAMLPHP_CONFIG_DIR` environment variable to the path to this new directory so SimpleSAML can access these config files.
    - If you're doing this via PHP, you would use `putenv('SIMPLESAMLPHP_CONFIG_DIR=' . CONFIG . 'simplesaml');`
    - Do not include a trailing slash in the path string
    - This can be placed in `/config/bootstrap.php`
3. Set `baseurlpath` value to the full URL path to access SimpleSAML's www directory, e.g. `'baseurlpath' => 'https://example.com/simplesaml-alias-name/'`
4. If SimpleSAML's metadata files need to be edited
    1. Copy the library's `/metadata-templates` directory to `/config/simplesaml/metadata` from the project's root
    2. Update the metadatadir value in `/config/simplesaml/config.php`

    ```
    'metadatadir' => CONFIG . 'simplesaml' . DS . 'metadata'',
    ```

Run checks
==========

[](#run-checks)

Open the SimpleSAML web-accessible directory in a browser to confirm that it’s installed and configured correctly.

Using the component
===================

[](#using-the-component)

All controllers should now have access to the `SimpleSaml` component, which provides these methods:

- `$this->SimpleSaml->isAuthenticated();` - Returns true if the user is logged in via SimpleSaml
- `$this->SimpleSaml->login($params);` - Starts the authentication process (`$params` is documented at `\SimpleSAML\Auth\Simple::login()`)
- `$this->SimpleSaml->logout();` - Logs the user out
- `$this->SimpleSaml->getUserAttributes();` - Returns the authenticated user's attributes from the SimpleSaml session, or an empty array if no user is authenticated

###  Health Score

22

—

LowBetter than 22% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity14

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity38

Early-stage or recently created project

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Unknown

Total

1

Last Release

1914d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/8c85adcea1d9b9f8f2d3062fa6b312aa0759b09bf8613e9fad84e21d169b3398?d=identicon)[PhantomWatson](/maintainers/PhantomWatson)

---

Top Contributors

[![PhantomWatson](https://avatars.githubusercontent.com/u/1965565?v=4)](https://github.com/PhantomWatson "PhantomWatson (7 commits)")

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/phantomwatson-cakephp-simple-saml/health.svg)

```
[![Health](https://phpackages.com/badges/phantomwatson-cakephp-simple-saml/health.svg)](https://phpackages.com/packages/phantomwatson-cakephp-simple-saml)
```

###  Alternatives

[cakedc/users

Users Plugin for CakePHP

524897.0k16](/packages/cakedc-users)[cakephp/bake

Bake plugin for CakePHP

11211.2M158](/packages/cakephp-bake)[dereuromark/cakephp-ide-helper

CakePHP IdeHelper Plugin to improve auto-completion

1862.1M27](/packages/dereuromark-cakephp-ide-helper)[bedita/manager

BEdita Manager - official admin webapp for BEdita4 API

131.0k](/packages/bedita-manager)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)