Forum Replies Created

  • Forum: Plugins
    In reply to: [WP SAML Auth] reauth=1
    Thread Starter DRazumovskiy

    (@drazumovskiy)

    Hi Daniel,

    Thank you for the prompt response!
    Your solution might work if I find out how to properly configure the OneLogin library using functions.php of my theme.
    Currently I am stuck at the validation of the message coming from OneLogin.
    On the IdP side (which is also built on pure SimpleSAMLphp) I have this error message:

    Caused by: SimpleSAML_Error_Exception: Validation of received messages enabled, but no signature found on message

    When I was using the simplesaml version of the auth library yesterday, I set:

    'sign.authnrequest' => TRUE,
    'sign.logout' => TRUE

    in saml20-idp-remote.php to fix this error.

    Now, with OneLogin, I don’t know how to force the library to sign the request.

    Can you suggest a parameter that switches on request signing?

    Thread Starter DRazumovskiy

    (@drazumovskiy)

    Hi bizt!

    You touched on an interesting topic. Indeed, we had to slightly modify the code of the plugin. We designed a dedicated field, WPMember, in our IdP. This field stores a user’s group name. We also use the Members plugin, which allows the creation of custom groups with dedicated permissions.

    In wp-content/plugins/saml-20-single-sign-on/lib/classes/saml_client.php we modified the function update_role like this:

    private function update_role()
    {
    /*  Original plugin logic, kept here for reference:
        $attrs = $this->saml->getAttributes();
        if(array_key_exists($this->settings->get_attribute('groups'), $attrs) )
        {
          if( in_array($this->settings->get_group('admin'),$attrs[$this->settings->get_attribute('groups')]) )
          {
            $role = 'administrator';
          }
          elseif( in_array($this->settings->get_group('editor'),$attrs[$this->settings->get_attribute('groups')]) )
          {
            $role = 'editor';
          }
          elseif( in_array($this->settings->get_group('author'),$attrs[$this->settings->get_attribute('groups')]) )
          {
            $role = 'author';
          }
          elseif( in_array($this->settings->get_group('contributor'),$attrs[$this->settings->get_attribute('groups')]) )
          {
            $role = 'contributor';
          }
          elseif( in_array($this->settings->get_group('subscriber'),$attrs[$this->settings->get_attribute('groups')]) )
          {
            $role = 'subscriber';
          }
          elseif( $this->settings->get_allow_unlisted_users() )
          {
            $role = 'subscriber';
          }
          else
          {
            $role = false;
          }
        }
        else
        {
          $role = false;
        }
    */
        // Modified version: the attribute configured as "groups" on the settings
        // page (WPMember in our IdP) carries the WordPress role name itself.
        $attrs = $this->saml->getAttributes();
        $groups_attr = $this->settings->get_attribute('groups');
        $role = isset($attrs[$groups_attr][0]) ? $attrs[$groups_attr][0] : false;

        // Only apply a role WordPress actually knows; set_role() with an unknown
        // name would remove the user's existing roles without granting a valid one.
        if ($role !== false && get_role($role) === null) {
            $role = false;
        }

        $username_attr = $this->settings->get_attribute('username');
        $user = isset($attrs[$username_attr][0])
            ? get_user_by('login', $attrs[$username_attr][0])
            : false;
        if ($user && $role !== false) {
            $user->set_role($role);
        }

        return $role;
    }

    On the plugin config page we set WPMember as the field to use for determining the group. The rest of the settings page (Groups) is not used in our case.

    Hope this helps.
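A defensive alternative to the modification above, added here as an example and not the plugin's or DRazumovskiy's code: the IdP attribute value is looked up in an explicit allowlist of group names instead of being used directly as the WordPress role name, so only groups the site administrator listed can ever map to a role, and a missing or unexpected value yields no role at all. The attribute name WPMember comes from the post; the group names and the helper function name are assumptions.

```php
<?php
// Added example, not the plugin's or the poster's code. Assumes $attrs has the
// shape returned by getAttributes() (attribute name => list of values); the
// IdP group names on the left-hand side below are constructed.

/**
 * Ordered allowlist: IdP group name => WordPress role. Earlier entries win
 * when a user carries several groups, so the highest privilege comes first.
 */
const SAML_GROUP_TO_ROLE = [
    'wp-admins'       => 'administrator',
    'wp-editors'      => 'editor',
    'wp-authors'      => 'author',
    'wp-contributors' => 'contributor',
    'wp-readers'      => 'subscriber',
];

/**
 * Resolve the WordPress role for a SAML attribute set, or return false when
 * no allowlisted group is present, so the caller can leave the account's role
 * untouched (or refuse the login) instead of applying an IdP-chosen string.
 */
function saml_role_from_attributes(array $attrs, string $groupsAttr = 'WPMember')
{
    if (empty($attrs[$groupsAttr]) || !is_array($attrs[$groupsAttr])) {
        return false; // attribute missing: never fall back to a privileged role
    }
    $groups = array_map('strval', $attrs[$groupsAttr]);
    foreach (SAML_GROUP_TO_ROLE as $group => $role) {
        // Exact, type-strict match against allowlist keys only: a value such as
        // 'administrator' sent straight from the IdP is not a key and grants nothing.
        if (in_array($group, $groups, true)) {
            return $role;
        }
    }
    return false;
}

// Constructed sample attribute sets for a stand-alone run (php example.php).
$samples = [
    ['WPMember' => ['wp-editors']],              // single allowlisted group
    ['WPMember' => ['wp-readers', 'wp-admins']], // several groups: highest-privilege entry wins
    ['WPMember' => ['administrator']],           // raw role name, not an allowlisted group
    ['uid' => ['alice']],                        // groups attribute absent
];
foreach ($samples as $attrs) {
    var_dump(saml_role_from_attributes($attrs));
}
// Inside update_role() the assignment would become:
//   $role = saml_role_from_attributes($attrs, $this->settings->get_attribute('groups'));
//   if ($user && $role !== false) { $user->set_role($role); }
```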
