Hello,<br><br>I am writing to you
today on behalf of myself and a colleague, to ask you for some feedback about simpleSAMLphp functionality. We are working to launch a confluence wiki deployment using a
multi-protocol authentication approach. Our idea is to use
simpleSAMLphp as a
gateway between OpenID and SAML. We are experiencing difficulty making the parts work together and we thought there may be folks on these lists who could help.<br><br>We currently have confluence installed
with shibboleth SP and wayf (the php version from SWITCH) and want to
allow people to login with OpenID via the simpleSAMLphp gateway.<br>
<br>To achieve this we have installed simpleSAMLphp as IdP (further details available off list). For the authentication method we
have configured OpenID (by creating the "enabled" file under
simplesamlphp/modules/openid). So far we are able to successfully login with our
"myopenid" account. But it looks like it is not passing the right
attributes to our SP. <br>
<br>
We set up have the standard config: <br>
<br>
<tt>/*<br>
* These parameters are only relevant if you setup an OpenID
Provider.<br>
*/<br>
'openid.userid_attributename' => 'eduPersonPrincipalName',<br>
</tt><br>
We believed that this would pass our OpenID id as the
eduPersonPricipalName (which is then mapped by the Shibboleth SP to
eppn and to 'REMOTE_USER'). But it seem that it is not passing anything
as eduPersonPricipalName - so we must be missing something there.<br>
<br>
Also we are not sure we understand what the '<tt>openid.delegation_prefix</tt>'
parameter is for? <br>
<br>If any of you are able to help us, we can provide a test for the authentication (which will give you a phpinfo()
pages after logging in via simpleSAMLphp/OpenID.<br><br>Thanks in advance for any guidance or support you may be able to share with us!<br><br>Joni<br><br>