[#80] Support various protocols for SSO, delegated authz, etc through SimpleSAMLPhp

Description

Summary:

Detailed description

SimpleSAMLPhp seems to be the magic toolbox that allows to provide lots of different protocols for SSO, delegated authentication, authorizations, like CAS, Shibboleth, SAML, etc.

It would be great to have some support for it in FusionForge so that it's easy to integrate FusionForge in environments where such protocols are used.

Instead of adding different authentication mechanisms based on various different php client libraries, only one set of bindings, hooks or mappings would be needed to adapt to simplesamlphp constraints.

General Information
Submitted by:
Olivier Berger
Date Submitted: 2010-01-26 14:02
Last Modified by: Nobody
Last Modified: 2017-11-02 20:00
Permalink: https://fusionforge.org/tracker/a_follow.php/80
Actions
Internal Fields
Data Type: Feature requests
Assigned to: Nobody (None)
State: Open
Priority: 3
Extra Fields
Resolution:
none
Difficulty:
Medium
Target release:
none
Follow-up tabs
Message  ↓
Date: 2010-03-15 19:29
Sender: Luis Cañas Díaz

I've used pubcookie for this, it is not ideal (the session must be keept in https) but .. it works

Date: 2010-02-17 08:53
Sender: Olivier Berger

Which auth are you thinking about in particular ? OAuth ? Then I'd suggest to switch to ticket #78 ;) SOAP would probably benefit from OAuth in any case, but in my initial request I was more thinking about SSO (id + auth) for things like OpenId, Shibboleth, SAML, than OAuth. In any case, if there's support for an Idp based on the forge's DB through SimpleSAMLPHP, it can also benefit OAuth for sure.

Date: 2010-01-26 14:18
Sender: Philip Schwartz

For a SimpleSAMLPhp auth system to work, there will be 3 needs. Class infrastructure for the SAML-SOAP communications (token validation hook in each page), Token storage, and Auth schema classes.

No attached documents

No related commits.

No Changes Have Been Made to This Item

No relations found.