Archive for the ‘PHP’ Category.
November 12, 2010, 17:51
I have been running some sites under a Shibboleth Service Provider for quite a long time. In some cases I had to modify applications written in PHP to be able to use Shibboleth authentication. But now I reached the point, when I had to implement Shibboleth authentication in my own application. Since I’m using Zend Framework for years, the natural way to achieve that was implementing a Shibboleth authentication adapter for the Zend_Auth component.
Actually, the task is quite simple, because all the required information is contained in the environment variables. The only “challenge” is to make sure the adapter is as generic and flexible as possible, so it can be deployed in various environments and applications. The configuration options for the adapter mostly specify the names of the attributes containing relevant information and possibly a mapping between the attribute names and the local names. Typical usage:
1
2
3
4
5
6
7
8
9
10
11
12
| $auth = Zend_Auth::getInstance();
$authAdapter = new ShibbolethAdapter(array(
'identityVar' => 'id',
'attrMap' => array(
'uid' => 'id',
'cn' => 'name',
'mail' => 'email'
)
));
$result = $auth->authenticate($authAdapter); |
Continue reading ‘Shibboleth authentication adapter for the Zend Framework’ »
January 18, 2009, 10:32
Sometimes we need to maintain simple hashes, but at the same time we don’t want to have them cracked too easily. When using a hash function on a not too complex string (like a single word), there is a risk, that the hash can be cracked using rainbow tables in few minutes.
Continue reading ‘Relyiable hashes in PHP’ »
November 25, 2008, 9:59
Sometimes we need to initialize an object based on another object. Typically, if we have a class MyClass and subclass MyExtendedClass with some additional functionality, we may need to turn a MyClass object into a MyExtendedClass object. How to do that easily in PHP?
Continue reading ‘Initializing objects from other objects in PHP’ »
November 7, 2008, 19:47
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creating documentation of any kind. It is targeted at developer teams, workgroups and small companies. It has a simple but powerful syntax which makes sure the datafiles remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files – no database is required. (description taken from DokuWiki homepage)
The Shibboleth System is a standards based, open source software package for web single sign-on across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner.
Making DokuWiki authenticate through Shibboleth is fairly easy due to the extensible DokuWiki authentication framework, which allows using different authentication backends easily. The Shibboleth backend itself only needs to check for some environment variables and determine user’s username and info.
You can get more information and download the backend at its homepage:
Dokuwiki Shibboleth Authentication Backend
Feel free to comment.
