Posts tagged ‘authentication’

Shibboleth authentication adapter for the Zend Framework

November 12, 2010, 17:51

I have been running some sites under a Shibboleth Service Provider for quite a long time. In some cases I had to modify applications written in PHP to be able to use Shibboleth authentication. But now I reached the point, when I had to implement Shibboleth authentication in my own application. Since I’m using Zend Framework for years, the natural way to achieve that was implementing a Shibboleth authentication adapter for the Zend_Auth component.

Actually, the task is quite simple, because all the required information is contained in the environment variables. The only “challenge” is to make sure the adapter is as generic and flexible as possible, so it can be deployed in various environments and applications. The configuration options for the adapter mostly specify the names of the attributes containing relevant information and possibly a mapping between the attribute names and the local names. Typical usage:

?View Code PHP
1
2
3
4
5
6
7
8
9
10
11
12

$auth = Zend_Auth::getInstance();
 
$authAdapter = new ShibbolethAdapter(array(
        'identityVar' => 'id', 
        'attrMap' => array(
            'uid' => 'id', 
            'cn' => 'name',
            'mail' => 'email'
        )
));
 
$result = $auth->authenticate($authAdapter);

Continue reading ‘Shibboleth authentication adapter for the Zend Framework’ »

Tags: , , ,
Category: PHP, Shibboleth, Zend Framework  |  2 Comments

Dokuwiki Shibboleth authentication backend

November 7, 2008, 19:47

DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creating documentation of any kind. It is targeted at developer teams, workgroups and small companies. It has a simple but powerful syntax which makes sure the datafiles remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files – no database is required. (description taken from DokuWiki homepage)

The Shibboleth System is a standards based, open source software package for web single sign-on across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner.

Making DokuWiki authenticate through Shibboleth is fairly easy due to the extensible DokuWiki authentication framework, which allows using different authentication backends easily. The Shibboleth backend itself only needs to check for some environment variables and determine user’s username and info.

You can get more information and download the backend at its homepage:

Dokuwiki Shibboleth Authentication Backend

Feel free to comment.

Tags: , , ,
Category: PHP, Shibboleth  |  10 Comments