A presentation explaining how to build Single Sign On functionality in PHP using standards such as OpenID, OAuth and SAML. Delivered on November 4, 2010 at Zendcon in Santa Clara
25. Level 4 - SAML
Creating our own Identity Provider
26. SAML
Security Assertion Markup Language
XML standard by OASIS
Assertions contain:
Proof of Identity
Attributes
Supports XML signatures and encryption
43. SugarCRM
Plugin: didn’t work
Problem: auth structure
Solution: hacking the source
Options:
Contact me if you need to get SugarCRM to do
SSO :-)
Wait for SugarCRM 6.1, it contains a working SAML
plugin (/via @smalyshev)
44. Google Apps
Requires Premier or Education Edition
Configure SAML endpoint => Done!
Docs:
http://code.google.com/googleapps/domain/sso/
saml_reference_implementation.html
59. Credits
Pictures used in this presentation are creative commons attribution licensed pictures.
Here are the owners and the URLS where the originals can be found:
‘Multiple Padlock Farm Gate’ by Mike Baird - http://www.flickr.com/photos/mikebaird/2354116406/
‘Love Locks’ by James Manners - http://www.flickr.com/photos/jmanners/443421045/
‘Seguridad’ by Juan J. Martinez - http://www.flickr.com/photos/reidrac/4696900602/
‘Hotel Keys by Henri Bergius - http://www.flickr.com/photos/bergie/3468886680/
‘OAuth Shiny’ by Chris Messina - http://www.flickr.com/photos/factoryjoe/3343062926/
‘Take a number please’ by Andres Rueda - http://www.flickr.com/photos/andresrueda/3259487071/
’38/365 Puzzled’ by Mykl Roventine - http://www.flickr.com/photos/myklroventine/3261364899/
‘Visiting Portage’ by Jeremy Bronson - http://www.flickr.com/photos/jbrons/4444017497/
‘_dsc8037’ by Sergey Vladimirov - http://www.flickr.com/photos/vlsergey/4138735474/
Application logo’s and other icons have been used under the assumption that use of them in this context is
considered fair use.