[#945] SimpleSaml based auth plugin

Description

Summary:

Detailed description

SimpleSAMLphp (https://simplesamlphp.org/) is an award-winning application written in native PHP that deals with authentication. It would be nice to have a auth plugin based on simplesaml added to fusionforge.

An implementation for such auth support was added to a custom fusionforge project in 2012 (see https://scm.fusionforge.org/anonscm/gitweb?p=fusionforge/users/rhabacker.git;a=tree;f=gforge/plugins/simplesaml;hb=refs/heads/branch-5.0-sag) and needs to be converted to a fusionforge auth plugin.

Since newer simplesamlphp versions are provided by the composer package manager, the plugin would need to use this to install the required php packages, rather than including a specific version of simplesaml which can become outdated relatively quickly.

General Information
Submitted by:
Ralf Habacker
Date Submitted: 2021-06-09 07:26
Last Modified by:
Franck Villaume
Last Modified: 2021-10-09 06:15
Permalink: https://fusionforge.org/tracker/a_follow.php/945
Actions
Monitor
Votes: 0/1 (0%)
Internal Fields
Data Type: Feature requests
Assigned to: Nobody (None)
State: Open
Priority: 3
Extra Fields
Resolution:
none
Difficulty:
none
Target release:
none
Follow-up tabs
Message  ↓
Date: 2021-10-09 06:15
Sender: Franck Villaume

[#952] is merged in master branch

Date: 2021-09-23 14:44
Sender: Ralf Habacker

Is there any progress on https://fusionforge.org/tracker/a_follow.php/952 ? This is a requirement for this feature that I would like to submit in the 4th quarter of this year. Otherwise, updating simplesamlphp must be done manually each time, which is more error-prone.

Date: 2021-07-19 09:40
Sender: Ralf Habacker

> About Composer : well.... always a tough question. Lot of users just use the fusionforge deb/rpm packages. So not sure to move to composer.

Sorry if I was unclear in this statement. I didn't mean to switch dependency tracking completely to composer.

There are already packages in src/vendor that seem to have been added composer style (https://scm.fusionforge.org/anonscm/gitweb?p=fusionforge/fusionforge.git;a=tree;f=src/vendor;hb=HEAD).

My suggestion is to add a copy of the simplesaml package to the vendor directory as well, to have it available when installing fusionforge from source, and add an option to be able to update this package with composer. Being able to use composer to update the package helps and simplifies maintaining application security.

For distributions that provide a simplesaml package, a fusionforge installation can use the installed package, or if it would be too old, use the embedded version.

Date: 2021-07-19 09:12
Sender: Ralf Habacker

> Not sure to have the time to work on this topic.

As we need that plugin for our running fusionforge instance, I'm working on that already. After pushing that implementation to my personel ffo git repo, it would be nice to get this implemention reviewed before merging into master.

Date: 2021-06-16 16:28
Sender: Franck Villaume

Found in debian: https://pkgs.org/download/simplesamlphp

My bad on SUSE. Meaning, we could need to rebuild on SUSE as we do on CentOS.

Date: 2021-06-14 08:17
Sender: Ralf Habacker

At https://software.opensuse.org/package/simplesamlphp?search_term=simplesaml I only see CenOS support.

Date: 2021-06-12 17:28
Sender: Franck Villaume

About SimpleSAML: it would be a great idea. Not sure to have the time to work on this topic.

About Composer : well.... always a tough question. Lot of users just use the fusionforge deb/rpm packages. So not sure to move to composer. The good news is SimpleSAML is packaged for Debian/CentOS/SUSE.

Date: 2021-06-11 17:47
Sender: Andy Barnes

Would it be a good idea to move towards composer for all external dependancies?

I appreciate it would probably be a big job but there is no need to do it all at once and it can be done slowly over time as part of other work.

No attached documents

No related commits.

No changes have been made to this item

No relations found.