SAML#
This document describes how to configure SAML authentication for deployed
systems. We assume you used the deploy_${DIST}.sh script to deploy the
software.
There are three, yeah I know, options for configuring SAML for your VPN server:
Which one to choose depends…
Shibboleth is the most complete, but also most complicated implementation and is recommended only when you have people available in your organization to help you with its configuration. We do provide basic documentation, but that is only the bare minimum to get it working, usually not sufficient for a production deployment.
The easiest to deploy is php-saml-sp. This one is recommended if you are not very familiar with SAML and do not have (a lot of) local support for configuring Shibboleth. Our team can directly help you with issues related to php-saml-sp.
You should NOT choose mod_auth_mellon, it is only there for legacy reasons.
In order to make a particular user an “administrator” in the portal, see Portal Admin.