Lines Matching refs:be
55 can’t be tricked into entering it on a fake login page.
77 * Publish the SP metadata (which can be signed).
84 * **Easy to use** - Programmer will be allowed to code high-level and
134 …`. Make sure you are including the autoloader provided by composer. It can be found at `vendor/aut…
136 **Important** In this option, the x509 certs must be stored at `vendor/onelogin/php-saml/certs`
153 Sometimes the names of the classes of the old code could be a bit different
157 We recommend that you migrate the old code to the new one to be able to use
165 namespaces, remember that calls to the class must be done by adding a backslash (`\`) to the
174 In production, the `strict` parameter **MUST** be set as `"true"` and the
175 `signatureAlgorithm` and `digestAlgorithm` under `security` must be set to
177 environment is not secure and will be exposed to attacks.
179 …ts deprecated that mechanism, we maintain it for compatibility and also to be used on test environ…
258 * `settings_example.php` - A template to be used in order to create a
260 * `advanced_settings_example.php` - A template to be used in order to create a
302 // or unencrypted messages if it expects them to be signed or encrypted.
310 // Set a BaseURL to be used instead of try to guess
318 // Identifier of the SP entity (must be a URI)
320 // Specifies info about where and how the <AuthnResponse> message MUST be
323 // URL Location where the <Response> from the IdP will be returned
325 // SAML protocol binding to be used when returning the <Response>
332 // friendlyName can be omitted
346 // Specifies info about where and how the <Logout Response> message MUST be
349 // URL Location where the <Response> from the IdP will be returned
351 // SAML protocol binding to be used when returning the <Response>
356 // Specifies the constraints on the name identifier to be used to
368 * you can define here the new x509cert and it will be
377 // Identifier of the IdP entity (must be a URI)
382 // will be sent.
384 // SAML protocol binding to be used when returning the <Response>
391 // URL Location of the IdP where SLO Request will be sent.
394 // if not set, url for the SLO Request will be used
396 // SAML protocol binding to be used when returning the <Response>
439 information that could be defined. In the same way that a template exists
460 // will be encrypted.
464 // will be signed. [Metadata of the SP will offer this info]
468 // will be signed.
472 // will be signed.
490 // and <samlp:LogoutResponse> elements received by this SP to be signed.
494 // this SP to be encrypted.
498 // this SP to be signed. [Metadata of the SP will offer this info]
502 // received by this SP to be present.
506 // this SP to be encrypted.
510 // Set to false and no AuthContext will be sent in the AuthNRequest.
516 // (In order to validate the xml, 'strict' and 'wantXMLValidation' must be true).
520 // attribute will not be rejected for this fact.
526 // will be accepted.
529 // If true, SAMLResponses with an InResponseTo value will be rejectd if not
539 // Notice that sha1 is a deprecated algorithm and should not be used
547 // Notice that sha1 is a deprecated algorithm and should not be used
589 Once we know what kind of data could be configured, let's talk about the way
634 After that line we will be able to use the classes (and their methods) of the
665 The `AuthNRequest` will be sent signed or unsigned based on the security info
681 * `$parameters` - An array of parameters that will be added to the `GET` in the HTTP-Redirect.
686 * `$nameIdValueReq` - Indicates to the IdP the subject that should be authenticated.
688 …future SAMLResponse ID and the AuthNRequest ID to be sent is required, that AuthNRequest ID must t…
736 that the info to be provided is valid.
753 session_start(); // IMPORTANT: This is required in order to be able
864 Each attribute name can be used as an index into `$attributes` to obtain the value. Every attribute…
882 no attributes in the SAML assertion, an empty array will be
895 session_start(); // IMPORTANT: This is required in order to be able
921 validated and the session could be closed
1014 Also there are eight optional parameters that can be set:
1015 * `$returnTo` - The target URL the user should be returned to after logout.
1016 * `$parameters` - Extra parameters to be added to the GET.
1017 * `$name_id` - That will be used to build the LogoutRequest. If `name_id` parameter is not set and …
1018 SAML Response with a `NameId`, then this `NameId` will be used.
1021 * `$nameIdFormat` - The NameID Format will be set in the LogoutRequest.
1022 * `$nameIdNameQualifier` - The NameID NameQualifier will be set in the LogoutRequest.
1023 * `$nameIdSPNameQualifier` - The NameID SP NameQualifier will be set in the LogoutRequest.
1025 The Logout Request will be sent signed or unsigned based on the security
1071 …ure LogoutResponse ID and the LogoutRequest ID to be sent is required, that LogoutRequest ID must …
1220 …e a specific value to be returned by `isHTTPS`, `getSelfHost`, `getSelfPort` and `getBaseURLPath`.…
1222 At the settings the developer will be able to set a `'baseurl'` parameter that automatically will u…
1229 You should be able to workaround this by configuring your server so that it is aware of the proxy a…
1236 …t and privateKey you can define the new x509cert as `$settings['sp']['x509certNew']` and it will be
1247 When that parameter is used, `'x509cert'` and `'certFingerprint'` values will be ignored by the too…
1250 - `'signing'`. An array of certs that will be used to validate IdP signature
1251 - `'encryption'` An array with one unique cert that will be used to encrypt data to be sent to the …
1256 …essed, to avoid processing them twice. Since the Messages expires and will be invalidated due that…
1263 Described below are the main classes and methods that can be invoked.
1351 * `getXML` - Returns the XML that will be sent as part of the request.
1392 …* `getXML` - Returns the XML that will be sent as part of the request or that was received at the …
1406 …* `getXML` - Returns the XML that will be sent as part of the response or that was received at the…
1532 file is loaded in order to get the `$settingsInfo` var to be used in order to initialize
1535 Notice that in this demo, the `setting.php` file that could be defined at the base
1549 to the same view or login and be redirected to the `attrs.php` view.
1569 5. The single log out functionality could be tested by two ways.
1588 must be done.
1602 `setting_extended.php` file should be defined at the base folder of the toolkit.
1626 Notice that the SSO action can be initiated at `index.php` or `sso.php`.
1639 user is logged and redirects to `index.php`, so we will be in the
1645 4. The single log out functionality could be tested by two ways.
1670 An object of the class `OneLogin_Saml_Settings` must be provided to the
1674 could be used as a template for your `settings.php` file.
1694 should be initiated by the application. This is called Service Provider
1699 validation, the userdata and the nameID will be available, using `getNameId()` or