SilverStripe\SAML\Authenticators\SAMLAuthenticator
Class SAMLAuthenticator
Authenticates the user against a SAML IdP via a single sign-on process.
It will create a stub record with rudimentary fields (see )
if the Member record was not found.
You can either use:
- just SAMLAuthenticator (which will trigger LDAP sync anyway, via LDAPMemberExtension::memberLoggedIn)
- just LDAPAuthenticator (syncs explicitly, but no single sign-on via IdP done)
- both, so people have multiple tabbed options in the login form.
Both authenticators understand and collaborate through the GUID field on the Member.
Synopsis
class SAMLAuthenticator
extends MemberAuthenticator
{
- // members
- private string $name = 'SAML';
- // methods
- public static string get_name()
- public static SAMLLoginForm get_login_form()
- public null authenticate()
- public void getLoginHandler()
- public void supportedServices()
Hierarchy
Extends
- SilverStripe\Security\MemberAuthenticator\MemberAuthenticator
Members
private
- $name — string
Methods
public
- authenticate() — This method does nothing, as all authentication via SAML is handled via HTTP redirects (similar to OAuth) which are not supported by the Authenticator system. Authentication via SAML is only triggered when a user hits the SAMLController->acs() endpoint when returning from the identity provider.
- getLoginHandler()
- get_login_form()
- get_name()
- supportedServices()