Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Support for Virtual Organisations

...

Using the third-party VOOT Groups module, SimpleSAMLphp can retrieve group memberships from an API service protected with OAuth 2.0 using the VOOT protocol and add this information to the list of attributes received from the IdP.

Dependencies and other technologies

 

...

  • Written in PHP
  • Runs on a wide variety of web servers (Apache, nginx and IIS among others)
  • Can utilise a user repository based on a SQL database (e.g. MySQL or PostgreSQL), an LDAP directory (OpenLDAP) or a RADIUS interface (OpenRADIUS).
  • Can maintain session information in memcached servers for improving performance/high availability

Operational Overview

Operational Overview

As simpleSAMLphp is written in PHP, integrating Web-based PHP applications into a federation is very simple. However, simpleSAMLphp also supports non-PHP environments by adding a special cookie in Memcache suitable for the Apache “Auth Memcookie” module. This approach allows passing authentication information in HTTP header variables and enables authorisation via the Apache server configuration. Memcache can also be used to allow an arbitrary number of SimpleSAMLphp web front-ends to work with a back-end matrix of Memcache servers in support of both replication (fail-over) and load-balancing capabilities.

To connect the same SP to multiple IdPs, simpleSAMLphp offers two built-in SAML2 IdP Discovery Services: a basic (enabled by default) and a more advanced one providing scalable search capabilities (please refer to Section 3.10). To act as an IdP, simpleSAMLphp can be configured to utilise a user repository based on a SQL database (e.g. MySQL or PostgreSQL), an LDAP directory or a RADIUS interface.

Expected level of support

 

SimpleSAMLphp has a large user base, a helpful user community and a number of external contributors 

...

 .

The AARC requirements supported by the tool are:

  • Federation solutions based on open and standards-based technologies