start to allow adfs metadata in the admin ui again#2067
start to allow adfs metadata in the admin ui again#2067tvdijen merged 1 commit intosimplesamlphp:saml2v5_metadatafrom
Conversation
| case 'SingleLogoutServiceBinding': | ||
| return C::BINDING_HTTP_REDIRECT; | ||
| } | ||
| } elseif ($set == 'adfs-idp-hosted') { |
There was a problem hiding this comment.
Ideally the adfs-module should provide this (so we don't have any references to adfs anywhere).
Now that I'm looking at this a second time, I think there's a bug here, because a SingleSignOnService of value $baseurl is not going to work.. I think in this case it should be the prp-endpoint from the adfs-module.
|
There are likely to be issues as I go along. I am still coming up to speed with SAML itself and didn't know about ADFS until very recently. That said my first move was to try to get something in the admin / federation page and then start working to refine things to be as expected. I will dig into an update for I will also look at how to shift all code that references adfs out of src/SimpleSAML/Metadata (and src/SimpleSAML/*) and into the adfs module as a follow up. |
This goes hand in hand with simplesamlphp/simplesamlphp-module-adfs#18
With these and simplesamlphp/simplesamlphp-module-adfs#18 I can again see the ADFS metadata in the admin/federation page.
The next logical move is getting
getSecurityTokenServiceto work again too. Perhaps phase one might be to directly reach out to it and then move to using a hook to call the function.