PHPackages                             ykweyer/yourls-authmgrplus-shibboleth - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. ykweyer/yourls-authmgrplus-shibboleth

ActiveYourls-plugin

ykweyer/yourls-authmgrplus-shibboleth
=====================================

Extends YOURLS AuthMgrPlus plugin to add Shibboleth compatibility

1.0.2(5y ago)11GPL-2.0-or-laterPHPPHP &gt;=7.2

Since Jul 7Pushed 5y agoCompare

[ Source](https://github.com/YKWeyer/yourls-authmgrplus-shibboleth)[ Packagist](https://packagist.org/packages/ykweyer/yourls-authmgrplus-shibboleth)[ RSS](/packages/ykweyer-yourls-authmgrplus-shibboleth/feed)WikiDiscussions master Synced yesterday

READMEChangelog (2)Dependencies (1)Versions (4)Used By (0)

Shibboleth authentication for AuthMgrPlus
=========================================

[](#shibboleth-authentication-for-authmgrplus)

This plugin will enable authentication with Shibboleth in [Yourls](http://yourls.org/) using AuthMgrPlus.

It is based on [Fuero's Shibboleth plugin](https://github.com/fuero/yourls-shibboleth), but externalises the RBAC logic to [AuthMgrPlus](https://github.com/joshp23/YOURLS-AuthMgrPlus)

Licensing
---------

[](#licensing)

This plugin is licensed under the terms of the GNU General Public License, version 2 (GPLv2) or later. License conditions are included in LICENSE or can be found at the [GNU website](http://www.gnu.org/licenses/gpl-2.0.html).

Prerequisites
-------------

[](#prerequisites)

If you have no idea what Shibboleth is, or what an IdP or an SP is, familiarize yourself with the terms by reading [this](https://wiki.shibboleth.net/confluence/display/SHIB2/UnderstandingShibboleth).

- Shibboleth SP is installed and working properly
- IdP is releasing attributes used by plugin (by default: `cn`, `entitlement`)
- Verify that this works with a short test page (see [Testing your shibboleth setup](#testing-your-shibboleth-setup))
- YOURLS &gt;= 1.7

Installation
------------

[](#installation)

- Copy this folders content under `user/plugins/yourls-authmgrplus-shibboleth`
- **Ensure AuthMgrPlus is installed and enabled**
- Enable the plugin in yourls
- Configure httpd

    Your web server configuration need to be adjusted to accomodate Shibboleth. Here's a *sample* configuration you can use:

    ```
    # Protect admin area with Shibboleth

            AuthType shibboleth
            ShibRequestSetting requireSession 1
            require valid-user
            DirectoryIndex index.php

    # Protect stats too

            AuthType shibboleth
            ShibRequestSetting requireSession 1
            require valid-user

    RewriteEngine on
    # Redirect 'http://yourls.local/' requests to admin area
    RewriteCond     %{REQUEST_URI}  ^/$
    RewriteRule     .*              /admin/                 [R,L]
    # Admin area or stats access is permitted over HTTPS only
    RewriteCond     %{REQUEST_URI}  ^/admin                 [OR]
    RewriteCond     %{REQUEST_URI}  ^/.*[+]$
    RewriteCond     %{HTTPS}        !=on
    RewriteRule     (.*)            https://yourls.local$1      [R,L]
    # Modified default rewrite rules for short urls.
    # Takes into account Shibboleth's service URLs, admin area, and
    # robots.txt.
    RewriteCond /path/to/yourls%{REQUEST_URI} !-f
    RewriteCond /path/to/yourls%{REQUEST_URI} !-d
    RewriteCond %{REQUEST_URI} !^/(?:shibboleth-sp|Shibboleth.sso)/
    RewriteRule ^(.*)$ /yourls-loader.php [L]

    ```
- Restart httpd for the changes to take effect.

Testing your shibboleth setup
-----------------------------

[](#testing-your-shibboleth-setup)

Drop the following code in `admin/test-sp.php`:

```

Shibboleth test

```

Accessing this in your browser will yield something like this:

```
Array
(
    [SCRIPT_URL] => /admin/test-sp.php
    [SCRIPT_URI] => https://yourls.local/admin/test-sp.php
    [Shib-Application-ID] => default
    [Shib-Session-ID] => _d123456789eef1e35f96b29725731b2e6
    [Shib-Identity-Provider] => https://your-idp-host/idp/shibboleth
    [Shib-Authentication-Instant] => 2001-01-1T00:00:00.000Z
    [Shib-Authentication-Method] => urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
    [Shib-AuthnContext-Class] => urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
    [Shib-Session-Index] => _a4fa5ffe838191234567890c6ea23bd
    [cn] => your-user-id
    [entitlement] => urn:mace:dir:entitlement:yourls.local:admin
    [persistent-id] => some-persistent-id
    [HTTPS] => on
    [SSL_TLS_SNI] => yourls.local
    [HTTP_HOST] => yourls.local
    [HTTP_USER_AGENT] => Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:21.0) Gecko/20100101 Firefox/21.0
    [HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    [HTTP_ACCEPT_LANGUAGE] => en,en-us;q=0.7,de-at;q=0.3
    [HTTP_ACCEPT_ENCODING] => gzip, deflate
    [HTTP_COOKIE] => some-cookie-data
    [HTTP_CONNECTION] => keep-alive
    [PATH] => /sbin:/usr/sbin:/bin:/usr/bin
    [SERVER_SIGNATURE] => Apache
    [SERVER_SOFTWARE] => Apache
    [SERVER_NAME] => yourls.local
    [SERVER_ADDR] => 8.8.8.8
    [SERVER_PORT] => 443
    [REMOTE_ADDR] => 1.1.1.1
    [DOCUMENT_ROOT] => /path/to/yourls
    [SERVER_ADMIN] => root@localhost
    [SCRIPT_FILENAME] => /path/to/yourls/admin/test-sp.php
    [REMOTE_PORT] => 4711
    [REMOTE_USER] => some-persistent-id
    [AUTH_TYPE] => shibboleth
    [GATEWAY_INTERFACE] => CGI/1.1
    [SERVER_PROTOCOL] => HTTP/1.1
    [REQUEST_METHOD] => GET
    [QUERY_STRING] =>
    [REQUEST_URI] => /admin/test-sp.php
    [SCRIPT_NAME] => /admin/test-sp.php
    [PHP_SELF] => /admin/test-sp.php
    [PHP_AUTH_USER] => some-persistent-id
    [REQUEST_TIME] => 1366872110
)

```

Verify that the attributes you want to specify for `SHIBBOLETH_ENTITLEMENT` and `SHIBBOLETH_UID` are present and have reasonable values (example below):

```
[cn] => your-user-id
[entitlement] => urn:mace:dir:entitlement:yourls.local:admin

```

Configuration
-------------

[](#configuration)

Settings the plugin reads from `user/config.php` and their defaults:

```
// Designates the attribute containing the username
define('SHIBBOLETH_UID', 'cn');
// The attribute controlling the user's roles for a SP, e.g. 'entitlement'. See attribute-map.xml
define('SHIBBOLETH_ENTITLEMENT', 'entitlement');
// A regular expression applied to SHIBBOLETH_ENTITLEMENT. Upon a match, the login page will be bypassed
// and the user is granted access.
define('SHIBBOLETH_ENTITLEMENT_REGEX', '/^.*urn:mace:dir:entitlement:yourls.local:.*$/');
```

###  Health Score

23

—

LowBetter than 27% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity3

Limited adoption so far

Community8

Small or concentrated contributor base

Maturity52

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 55.6% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~23 days

Total

3

Last Release

2087d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/8308e13cc7a07a29d2a02ad1c6c51d7971688c44752b1e992133d98acedbd8c9?d=identicon)[ykweyer](/maintainers/ykweyer)

---

Top Contributors

[![fuero](https://avatars.githubusercontent.com/u/108815?v=4)](https://github.com/fuero "fuero (5 commits)")[![YKWeyer](https://avatars.githubusercontent.com/u/1093360?v=4)](https://github.com/YKWeyer "YKWeyer (4 commits)")

---

Tags

pluginshibbolethyourls

### Embed Badge

![Health badge](/badges/ykweyer-yourls-authmgrplus-shibboleth/health.svg)

```
[![Health](https://phpackages.com/badges/ykweyer-yourls-authmgrplus-shibboleth/health.svg)](https://phpackages.com/packages/ykweyer-yourls-authmgrplus-shibboleth)
```

###  Alternatives

[lab404/laravel-impersonate

Laravel Impersonate is a plugin that allows to you to authenticate as your users.

2.3k16.4M48](/packages/lab404-laravel-impersonate)[dealerdirect/phpcodesniffer-composer-installer

PHP\_CodeSniffer Standards Composer Installer Plugin

596161.9M1.9k](/packages/dealerdirect-phpcodesniffer-composer-installer)[ergebnis/composer-normalize

Provides a composer plugin for normalizing composer.json.

1.1k37.3M2.1k](/packages/ergebnis-composer-normalize)[sabre/event

sabre/event is a library for lightweight event-based programming

35227.4M25](/packages/sabre-event)[php-http/cache-plugin

PSR-6 Cache plugin for HTTPlug

24924.2M71](/packages/php-http-cache-plugin)[pestphp/pest-plugin

The Pest plugin manager

4458.2M109](/packages/pestphp-pest-plugin)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)