Using these instructions, you should be able to install the simpleSAMLphp service provider into a specific directory on a web server running PHP 5.2 or newer.

Prerequisites: PHP 5.2>= with

• Hashing function
• zlib
• openssl
• SimpleXML
• XML DOM
• Regex support

Installation

Follow the instructions for installing simpleSAMLphp:

• http://simplesamlphp.org/docs/stable/

Cornell Configuration

Configure for remote SP

Follow the directions for Service Provider QuickStart

• http://simplesamlphp.org/docs/stable/simplesamlphp-sp

Generating metadata

You'll need to populate saml20-idp-remote.php with Cornell specific info. This can be done by going to the "Federation" tab and using the "XML to simpleSAMLphp metadata converter". Be sure to add "<?php" and "?>" to the beginning / end of the generated file.

Testing Configuration

Go to the "Authentication" tab and click on "Test configured authentication services" and "default-sp". If it is all working you should see output.  You'll probably want to set the default-sp to avoid the intermediary screen: http://simplesamlphp.org/docs/stable/simplesamlphp-sp#section_3

Known Issues

Attributes map to the OID string and not something friendly like EduPersonName, etc...

Suggestions of how to map a "friendly" name and perform authorization: http://drupal.org/node/1931394