Page MenuHomePhabricator

Adding an authentication adapter for Shibboleth SSO.
AbandonedPublic

Authored by ttt on Nov 7 2013, 6:48 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Mar 22, 9:22 PM
Unknown Object (File)
Thu, Mar 14, 11:11 AM
Unknown Object (File)
Feb 7 2024, 7:22 AM
Unknown Object (File)
Feb 4 2024, 2:35 AM
Unknown Object (File)
Jan 23 2024, 2:44 AM
Unknown Object (File)
Jan 16 2024, 5:02 AM
Unknown Object (File)
Jan 6 2024, 12:22 PM
Unknown Object (File)
Dec 30 2023, 8:33 PM

Details

Reviewers
epriestley
Group Reviewers
Blessed Reviewers
Summary

Shibboleth SSO integration for Phabricator installations behind Shibboleth enabled reverse-proxy.

Test Plan

First activate and configure the adapter with the header names for the Shibboleth variables introduced by your, second go to the login page and click the Login button from Login with Shibboleth section. The application must be behind a reverse proxy introducing the relevant HTTP headers. If don't have a working Shibboleth installation, the headers can be faked in the web server configuration.

Diff Detail

Branch
shibboleth_auth
Lint
Lint Passed
Unit
No Test Coverage

Event Timeline

Please consider this revision together with D7524.

ttt updated this revision to Unknown Object (????).Nov 18 2013, 5:02 PM

Getting the header names from and passing header values to the adapter.

I understand your reasons and I have no way to improve security of this authentication adapter.
Therefore I abandon this release.

Maybe in the future I will propose this again, if a more secure form of configuration for the authentication adapter options is implemented.

On line 15 of PhabricatorAuthProviderShibboleth.php there is a typo. It should be "authenticated".