\SAMLAuthenticator
Class SAMLAuthenticator
Authenticates the user against a SAML IdP via a single sign-on process.
It will create a stub record with rudimentary fields (see )
if the Member record was not found.
You can either use:
- just SAMLAuthenticator (which will trigger LDAP sync anyway, via LDAPMemberExtension::memberLoggedIn)
- just LDAPAuthenticator (syncs explicitly, but no single sign-on via IdP done)
- both, so people have multiple tabbed options in the login form.
Both authenticators understand and collaborate through the GUID field on the Member.
Synopsis
class SAMLAuthenticator
extends Authenticator
{
- // members
- private string $name = 'SAML';
- // methods
- public static string get_name()
- public static SAMLLoginForm get_login_form()
- public static bool|Member|void authenticate()
Hierarchy
Extends
- Authenticator
Members
private
- $name — string
Methods
public
- authenticate() — Sends the authentication process down the SAML rabbit hole. It will trigger the IdP redirection via the 3rd party implementation, and if successful, the user will be delivered to the SAMLController::acs.
- get_login_form()
- get_name()