SimpleSAMLphp - authentication and identity services the 'Simple' way using php

 

Often library users, including students, academics and also library staff themselves, are faced with an array of different passwords for accessing different parts of the network, catalogues, electronic resource databases and so on. This can be readily resolved with SimpleSAMLphp which builds on your database of users (e.g. LDAP or radius) to support single sign-on local authentication. 

SimpleSAMLphp is an award-winning application written in native PHP that provides authentication and authorisation infrastructure focused on the Security Assertion Markup Language (SAML).

SimpleSAMLphp can be used to implement an identity Provider (IdP) to supply user information to authenticated services, a service provider (SP) to protect resources and offer an authentication interface or as a bridge to translate between popular identity protocols, such as: Shibboleth 1.3, A-Select, CAS, OpenID, WS-Federation and OAuth. Operates on Linux, Mac OSX and Microsoft Windows.

SimpleSAMLphp operates in many languages and more are coming online all the time - currently available are: Bokmål, Nynorsk, Sámi, Dansk, Deutsch, Español, Svenska, Suomeksi, Français, Italiano, Nederlands, Luxembourgish, Czech, Slovenščina, Hrvatski, Magyar, Język polski, Português, Português brasileiro, Türkçe

What is SAML?

SAML is an XML-based architecture, framework and protocol for the secure exchange of security credentials between separate security domains.

SAML is a standard, ratified by OASIS (Organisation for the Advancement of Structured Information Standards).

The goal of SAML is to provide a standard mechanism and language for the exchange of security-related information between organisations (or across distinct units of a single organisation).

SAML works on a federated trust model, where mutual trust between participating organisations is established to allow secure interactions between them.

Find out more about SAML

Following a very popular session at the EIFL-FOSS Regional Seminar 2011, EIFL-FOSS and EIFL-Licensing held a Themed Week on the SimpleSAMLphp software that makes possible single sign-on and local authentication. 

Guest speakers at the online workshop for this Themed Week included:

 

You can view the recording of the session here.

The session was supported by a wiki, available at http://titanpad.com/eifl-foss-simplesamlphp - this also gives details of some preliminary steps you can take, including downloading a virtual machine on which to run detailed training materials aimed at achieving installation.

Download Marina's presentation here

Download Brook's presentation here

See Stanislav's animated presentation here

Case study and further information

You can read here a case study by Stanislav Tsymbalov of the American University of Central Asia, Kyrgyzstan, describing his implementation of SimpleSAMLphp in less than one year.