Topic on Extension talk:SimpleSAMLphp

Loic.tessier (talk | contribs)

Hello,

I am trying to configure SSO with simpleSAML and PluggableAuth with the simplesamlphp library. The library works standalone: I can log in through SSO and it shows me all the attributes! Good!

When I want to log in to MediaWiki, I am redirected to the SSO page, enter my credentials, and am redirected to 10.xxx.xx.xx//index.php/Sp%C3%A9cial:PluggableAuthLogin

Note the double slash // before index.php.


MediaWiki is behind a proxy and simplesamlphp is on the same machine but on a different cluster.

And then, if I manually change the URL to the right one, login is OK!


MediaWiki version: 1.33


LocalSettings.php:


$wgSimpleSAMLphp_InstallDir = '/appli/saml/apache_2.4/htdocs/saml/simplesamlphp/';

$wgSimpleSAMLphp_AuthSourceId = 'default-sp';

$wgSimpleSAMLphp_RealNameAttribute = "websso_cn";

$wgSimpleSAMLphp_EmailAttribute = "websso_mail";

$wgSimpleSAMLphp_UsernameAttribute = "websso_groupid";

//$wgPluggableAuth_EnableAutoLogin = true;

$wgPluggableAuth_Class = "SimpleSAMLphp";

$wgGroupPermissions['*']['autocreateaccount'] = true;

$wgMainCacheType = CACHE_DB;


My questions:

Is MediaWiki able to have its own acsurl?

Must the redirect path be sent to the IdP?


Thanks in advance

Loic.tessier (talk | contribs)

After a few days and some long nights, I finally found a solution.


In my case, after login, and without any special config was https://domain/saml/modufle.php/saml/sp/saml2-cas.php


I modified the file <mediawikiRootPath>/extensions/SimpleSAMLphp/include/SimpleSAMLphp.php with the following code:


Line 109:


- $saml->requireAuth();

+ $saml->requireAuth( array(

'ReturnTo' => $GLOBALS['wgServer'] . $ GLOBAS['wgScriptPath']

));
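
Review bot: on the 'ReturnTo' line, "$ GLOBAS['wgScriptPath']" is misspelled and has a space after the dollar sign, so it is not a valid variable reference; it should read $GLOBALS['wgScriptPath']. The two continuation lines of the new call also lack the leading "+", so the snippet will not apply as a patch as posted. Building ReturnTo from $wgServer and $wgScriptPath instead of from request data is the right choice, because the post-login destination is then fixed by the wiki's own configuration. The value is only as correct as those two settings, though, so behind the proxy both should hold the externally visible address and path. Since the change is made in the extension's own file, it will have to be reapplied whenever the extension is updated.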


And then the redirect goes directly to my wiki.


If this answer can help anyone...