I'm having some difficulties to configure SimpleSamlPhp with ADFS.
Here is the procedure that I have followed:
SimpleSAML is installed and configured on my web server Apache (example.com) and ADFS2 is installed on your federation server (myadfs).
- Open a browser and go to URL
https://myadfs/Federationmetadata/2007-06/FederationMetadata.xml - Save as
FederationMetadata.xml. - Open a browser and go to
https://example.com/simplesaml - Select Federation tab
- Click on Convert XML Metadata to simpleSAML.php
- Paste the content of the previous file (FederationMetadata.xml)
- Click on Analyse
- On saml20-idp-remote section, select all text and copy it
- Edit the file
<document_root>/simplesamlphp/metadata/saml20-idp-remote.php(save a copy likesaml20-idp-remote.bak) - Delete all text between
<?php … ?>(keep the<?phpand?>) - Paste the previous selected text between
<?phpand?> - Under
entityidline, add following line:'sign.logout' => TRUE, Save
saml20-idp-remote.php-
Edit the file
<document_root>/simplesamlphp/config/ authsources.php. In the $config array add an entry like'myauth' => array( 'saml:SP', 'idp' => 'http://www.myadfs.com/adfs/services/trust', 'privatekey' => '001-mysite.key', 'certificate' => '001-mysite.crt', ),
Then I sent my Metadata to my network administrator for him to authorize my connection.
Unfortunately when I try to connect I directly get the ADFS error without being able to input my credentials.
My Network Administrator told me that the error was the following:
The data at the root level is invalid. Line 1, position 1.
Apparently he cannot read the certificate on a windows server but we have successfully installed Wordpress SSO on Microsoft Azure using a plugin that use this exact same PHP Plugin and it has been working fine.
Does someone have any idea how to fix it? Thanks!
