Using these instructions, you should be able to install the simpleSAMLphp service provider into a specific directory on a web server running PHP 5.2 or newer.
Prerequisites: PHP >= 5.2 with
- Hashing function
- zlib
- openssl
- SimpleXML
- XML DOM
- Regex support
Installation
Follow the instructions for installing simpleSAMLphp:
Cornell Configuration
Configure for remote SP
Follow the directions for Service Provider QuickStart
Generating metadata
You'll need to populate saml20-idp-remote.php with Cornell-specific information. To do this, go to the "Federation" tab and use the "XML to simpleSAMLphp metadata converter". Be sure to add "<?php" at the beginning and "?>" at the end of the generated file.
Testing Configuration
Go to the "Authentication" tab, click on "Test configured authentication services", and then on "default-sp". If everything is working, you should see output. You'll probably want to set the default-sp to avoid the intermediary screen: http://simplesamlphp.org/docs/stable/simplesamlphp-sp#section_3
Known Issues
Attributes map to the OID string and not to something friendly like EduPersonName, etc.
Suggestions of how to map a "friendly" name and perform authorization: http://drupal.org/node/1931394
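One way to handle the OID attribute names in the application itself, as an added example that is not from the original page or from simpleSAMLphp: rename the OID keys to friendly names, then make a fail-closed authorization decision on the result. The choice of attributes, the 'staff' value and the sample attribute array are assumptions constructed for illustration.

```php
<?php
// Standard eduPerson / LDAP OID assignments (only the ones this page needs).
$OID_TO_NAME = array(
    'urn:oid:1.3.6.1.4.1.5923.1.1.1.1'  => 'eduPersonAffiliation',
    'urn:oid:1.3.6.1.4.1.5923.1.1.1.6'  => 'eduPersonPrincipalName',
    'urn:oid:1.3.6.1.4.1.5923.1.1.1.7'  => 'eduPersonEntitlement',
    'urn:oid:0.9.2342.19200300.100.1.1' => 'uid',
    'urn:oid:0.9.2342.19200300.100.1.3' => 'mail',
);

// Rename known OID keys; attributes with no mapping keep their original key.
function friendly_attributes(array $attributes, array $map)
{
    $out = array();
    foreach ($attributes as $name => $values) {
        $key = isset($map[$name]) ? $map[$name] : $name;
        // Merge values if the IdP sent both the OID and the friendly form.
        $prev = isset($out[$key]) ? $out[$key] : array();
        $out[$key] = array_values(array_unique(array_merge($prev, (array) $values)));
    }
    return $out;
}

// Fail closed: a missing attribute or no exact value match means no access.
function is_authorized(array $attributes, $name, array $allowed)
{
    if (!isset($attributes[$name])) {
        return false;
    }
    return count(array_intersect($attributes[$name], $allowed)) > 0;
}

// Constructed sample of the attribute array an SP receives after login.
// On a deployed page it would come from the SP API instead:
//   $as = new SimpleSAML_Auth_Simple('default-sp');
//   $as->requireAuth();
//   $raw = $as->getAttributes();
$raw = array(
    'urn:oid:1.3.6.1.4.1.5923.1.1.1.6' => array('abc123@example.edu'),
    'urn:oid:1.3.6.1.4.1.5923.1.1.1.1' => array('member', 'staff'),
);
$attrs = friendly_attributes($raw, $OID_TO_NAME);
if (!is_authorized($attrs, 'eduPersonAffiliation', array('staff'))) {
    header('HTTP/1.1 403 Forbidden');
    exit('Access denied');
}
echo 'Welcome, ' . htmlspecialchars($attrs['eduPersonPrincipalName'][0], ENT_QUOTES, 'UTF-8');
```

simpleSAMLphp also ships a core:AttributeMap authentication processing filter with an oid2name map, which performs the same renaming in configuration rather than in application code.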