Invision Community 4: SEO, prepare for v5 and dormant account notifications Matt November 11, 2024Nov 11
Posted February 27, 20196 yr Good Morning, I'm developing a custom login handler using OneLogin's PHP SAML library. The way that saml works is the user clicks a button to login -> redirected to the login page -> login page realizes user needs to login, builds a SAML request and redirects to the Identity Provider (IDP) -> User Logs in -> User is redirected back to an "assertion consumer" page which consumes either HTTP POST or GET XML containing the login information. I have the button handler setup and the login redirect is working thanks to the documentation Invision provides. My question is how do I create a custom Assertion Consumer URL (Example: https://mysite.com/AssertionConsumer) that can decrypt the SAML assertion? It almost seems as if I need a separate php page that loads the invision session information, but I wasn't sure. My current assumption is that I'll need to create a plugin (or maybe application since it's not extending any existing app functionality?), but I wanted to ask before I went down that path.
February 28, 20196 yr What I've done in the past is use the PHP simplesamlphp library to handle reading/decrypting the SAML response. A plugin is then used to invoke the library during session initialization. SAML isn't exactly the simplest route for SSO/unified login, but this approach works fine for our clients using it.
Archived
This topic is now archived and is closed to further replies.