Commit

Fixes instructions for configuring authsources and remote idp files. (#…
dooleymatt authored and grasmash committed Mar 24, 2017
1 parent 80815b8 commit c68c3e1
Showing 1 changed file with 5 additions and 5 deletions.
10 changes: 5 additions & 5 deletions readme/simplesamlphp-setup.md
Expand Up @@ -67,11 +67,13 @@ Request the remote IdP metadata (XML) from the customer. Note that each environm

1. Navigate to the "XML to SimpleSAMLphp metadata converter" (`/simplesaml/admin/metadata-converter.php`), which can be found on the "Federation" tab under "Tools".

1. Optionally remove the default metadata from `${project.root}/simplesamlphp/config/authsources.php`.
1. Optionally remove the default metadata from `${project.root}/simplesamlphp/config/saml20-idp-remote.php`.

1. For each metadata (XML) file from the customer, parse it using this tool and copy the converted `saml20-idp-remote` metadata into `${project.root}/simplesamlphp/config/authsources.php`.
1. For each metadata (XML) file from the customer, parse it using this tool and copy the converted `saml20-idp-remote` metadata into `${project.root}/simplesamlphp/config/saml20-idp-remote.php`.

1. Make any additional needed changes to `${project.root}/simplesamlphp/config/authsources.php` using [SimpleSAMLphp Service Provider QuickStart](https://simplesamlphp.org/docs/stable/simplesamlphp-sp) as a guide (except enabling a certificate for your service provider, which should be done according to the instructions below). Note especially the `name` option by which you can give each IdP a human-readable name (e.g., "Dev", "Prod") for use in the administrative UI.
1. Configure authsources.php

1. Edit `${project.root}/simplesamlphp/config/authsources.php` using [SimpleSAMLphp Service Provider QuickStart](https://simplesamlphp.org/docs/stable/simplesamlphp-sp) as a guide (except enabling a certificate for your service provider, which should be done according to the instructions below). Note especially the `name` option by which you can give each IdP a human-readable name (e.g., "Dev", "Prod") for use in the administrative UI.

1. If your Identity Provider/Federation requires that your Service Providers hold a certificate...
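
Review bot: The two rewritten steps above point at `${project.root}/simplesamlphp/config/saml20-idp-remote.php`, but the step this commit removes further down names the same file as `${project.root}/simplesamlphp/metadata/saml20-idp-remote.php`. Please confirm which directory is correct and use it consistently, because converted IdP metadata pasted into the wrong file will not be where SimpleSAMLphp looks for it. The new `1. Configure authsources.php` item also reads as a heading rather than a step: either fold it into the "Edit ..." item that follows, or put the file name in backticks and end the line with a period like its neighbours. If the default entries in the remote IdP file are live IdP definitions, consider dropping "Optionally" from the removal step so that the service provider is left trusting only the customer's IdPs.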

Expand All @@ -89,8 +91,6 @@ Request the remote IdP metadata (XML) from the customer. Note that each environm
'signature.algorithm' => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
),

1. Edit `${project.root}/simplesamlphp/metadata/saml20-idp-remote.php` as described in [IdP remote metadata reference](https://simplesamlphp.org/docs/stable/simplesamlphp-reference-idp-remote).

1. Review `${project.root}/simplesamlphp/config/config.php` and set any values called for by your project requirements.

1. Commit your changes to your Git repository.
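
Review bot: Removing the `saml20-idp-remote.php` step in this hunk also drops the link to the IdP remote metadata reference (https://simplesamlphp.org/docs/stable/simplesamlphp-reference-idp-remote). The replacement step earlier in the list only says to copy the converter output, so consider carrying that link over to it for readers who need to review or adjust the converted entry by hand.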