Shibboleth SSO integration for Phabricator installations behind Shibboleth enabled reverse-proxy.
Details
- Reviewers
epriestley - Group Reviewers
Blessed Reviewers
First activate and configure the adapter with the header names for the Shibboleth variables introduced by your, second go to the login page and click the Login button from Login with Shibboleth section. The application must be behind a reverse proxy introducing the relevant HTTP headers. If don't have a working Shibboleth installation, the headers can be faked in the web server configuration.
Diff Detail
- Branch
- shibboleth_auth
- Lint
Lint Passed - Unit
No Test Coverage
Event Timeline
I understand your reasons and I have no way to improve security of this authentication adapter.
Therefore I abandon this release.
Maybe in the future I will propose this again, if a more secure form of configuration for the authentication adapter options is implemented.
On line 15 of PhabricatorAuthProviderShibboleth.php there is a typo. It should be "authenticated".