SimpleSAMLphp

The documentation has gone through a major update, in particular the IdP documentation. Last summer simpleSAMLphp got a new API for authentication sources. The new API is now well-tested and there is several modules available already that uses this ... [More] new API. Until now the IdP documentation has described how to setup an IdP using the old authentication files - but now the documentation describes how to setup an IdP using the new authentication sources. The old authentication files under www/auth/ will be deprecated and removed at some point in the future. The new IdP manual is much shorter and simpler to follow, and it refers to one separate document for each authentication source. There is also a separate refence document for each type of metadata, respectively IdP hosted and SP remote (for the IdP). We really appreciate feedback on the documentation, on how we can make it even better. Go to simpleSAMLphp documentation [Less]

Reference documentation to the SP Remote metadata in simpleSAMLphp. This metadata file is used on the IdP, and lists all trusted SPs for the IdP.

This is a reference document that explains all possible configuration for the hosted IdP metadata. This is used on the IdP.

How to configure the LDAP authentication source of simpleSAMLphp.

Ingrid wrote a blog entry about the new consent functionality of our new IdP: Ready, able and willing: federated consent

I’m upgrading drupal from 5.12 to 6.X. This is a large update, and it will take me a couple of days to get back all the functionality. All the content should be readable now, but login, themes etc is not yet ready. Update: Authentication should now work with OpenIdP and Feide.

Today, Feide went live with a new IdP production environment entirely based on simpleSAMLphp. First phase includes nine pilot services that is connected to the new IdP. Here are some snapshots form various parts of the new IdP. The login page ... [More] Consent about release of personal information from the IdP to the SP Interface to withdraw consent given: List of available services Insight into the personal information that is stored about you at your institusion: Monitoring connections to LDAP at all educational institusions Statistics about usage of the IdP And coolest of all the features! read more [Less]

Now you can do a host-specific override of the configuration file. I’m not sure if this is of interest to many of you, but anyway: If you maintain your simpleSAMLphp configuration in subversion/CVS and share the configuration on a lot of hosts, you ... [More] can now add a config option in all configuration file named override.host, and simpleSAMLphp will load extra host specific configuration files in the same directory. In example: $config = array ( 'override.host' => array( 'sp.andreas.feide.no' => 'config.test.php', 'idp.anderas.feide.no' => 'config.prod.php', 'sp1.anderas.feide.no' => 'config.test.php', 'sp2.anderas.feide.no' => 'config.test.php', ), in the standard config.php. Then if I go to sp.andreas.feide.no the config.test.php is loaded afterwards. This file can contain override code, like this: 'enable.saml20-sp' => TRUE, [Less]

The new memcacheMonitor module is an overhaul of the old ‘hidden’ memcachestats page. Next up is implementing a sanitycheck hook to verify that connection to all memcache servers in the cluster is live.

SimpleSAMLphp has built-in support for downloading, parsing, aggregating and providing updated metadata using the SAML 2.0 Metadata XML format. This is particularly useful in dynamic distributed federations that provides metadata on a HTTP URL. ... [More] This document is in a early state. Ask on the mailinglist if you have questions related to this topic. We are interested in getting in contact with IdPs or SPs in a federation with metadata distributed this way, to perform testing and feedback about how it is working. [Less]