I understand how to create auth modules and have created one named SimpleSamlAuthenticate, but I am a bit stuck on implementing the authenticate(CakeRequest $request, CakeResponse $response) function.
The docs indicate the function should either return false if the user cannot be identified, or a user array if they can. To actually initiate a SimpleSAMLphp authentication, however, the SimpleSAML_Auth_Simple class gets loaded and its requireAuth() or login() function gets called, which redirects the user to the registered SAML Identity Provider where they authenticate and are returned back to the application.
This doesn't seem compatible with the AuthComponent... It seems like maybe what I need to do is authenticate outside of the Auth component, and then utilize the AuthComponent after authentication to verify that it succeeded and that the user session is valid, but that seems to defeat most of the purpose of the AuthComponent in general.
But if so, would it make more sense for me to stop using the AuthComponent entirely and create a new method component which ties SAML authentication sessions in with one of the available Authorization modules?
When I read about the AuthComponent changes in 2.0, I thought that maybe I could finally utilize the CakePHP Auth component for something, but now I'm not so sure :)
Ben
-- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
No comments:
Post a Comment