Docker Simplesamlphp
Dockerized plug and play SAML 2.0 Identity Provider (IdP) for development and testing.
| Project Name | Stars | Downloads | Repos Using This | Packages Using This | Most Recent Commit | Total Releases | Latest Release | Open Issues | License | Language |
|---|---|---|---|---|---|---|---|---|---|---|
| Keycloak | 17,493 |  | 215 | 371 | 20 hours ago | 120 | July 18, 2023 | 1,988 | apache-2.0 | Java |
| Open Source Identity and Access Management For Modern Applications and Services | ||||||||||
| Casbin | 15,768 | 638 | 3 days ago | 240 | July 28, 2023 | 27 | apache-2.0 | Go | ||
| An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN | ||||||||||
| Dex | 8,443 | 22 | 2 days ago | 66 | March 22, 2022 | 408 | apache-2.0 | Go | ||
| OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors | ||||||||||
| Zitadel | 4,688 | 21 hours ago | 947 | December 20, 2022 | 439 | apache-2.0 | Go | |||
| ZITADEL - Identity infrastructure, simplified for you. | ||||||||||
| Arkid | 1,444 | 3 days ago | 29 | November 03, 2021 | 14 | agpl-3.0 | Python | |||
| 一账通是一款开源的统一身份认证授权管理解决方案,支持多种标准协议(LDAP, OAuth2, SAML, OpenID),细粒度权限控制,完整的WEB管理功能,钉钉、企业微信集成等,QQ group: 167885406 | ||||||||||
| Authing | 908 | a year ago | 1 | mit | ||||||
| 🔥Authing - IDaaS/IAM solution that can Auth to web and mobile applications. | ||||||||||
| Maxkey | 841 | a day ago | 6 | apache-2.0 | Java | |||||
| 🗝️MaxKey SSO ,Leading-Edge IAM-IDaas(Identity and Access Management) Product,业界领先的IAM-IDaas身份管理和认证产品,支持OAuth2.x、OpenID Connect、SAML2.0、JWT、CAS、SCIM等SSO标准协议,基于RBAC统一权限控制,实现用户生命周期管理,开源、安全、自主可控。 | ||||||||||
| Saml | 835 | 35 | 95 | 2 months ago | 28 | June 25, 2022 | 59 | bsd-2-clause | Go | |
| SAML library for go | ||||||||||
| Product Is | 661 | 1 | 1 | a day ago | 184 | March 03, 2022 | 3,519 | apache-2.0 | Java | |
| Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below. | ||||||||||
| Spring Boot Security Saml Sample | 490 | 2 years ago | 10 | apache-2.0 | Java | |||||
| SBS3 — A sample SAML 2.0 Service Provider built on Spring Boot. | ||||||||||
Alternatives To Docker SimplesamlphpSelect To Compare
Alternative Project Comparisons
Readme
Docker Test SAML 2.0 Identity Provider (IdP)
Docker container with a plug and play SAML 2.0 Identity Provider (IdP) for development and testing.
Built with SimpleSAMLphp. Based on official PHP8 Apache image.
SimpleSAMLphp is logging to stdout on debug log level. Apache is logging error and access log to stdout.
You must not use at your production. This is for test.
Usage
Using docker run command
docker run --name=idp \
-p 8080:8080 \
-e SIMPLESAMLPHP_SP_ENTITY_ID=http://app.example.com \
-e SIMPLESAMLPHP_SP_ASSERTION_CONSUMER_SERVICE=http://localhost/simplesaml/module.php/saml/sp/saml2-acs.php/test-sp \
-e SIMPLESAMLPHP_SP_SINGLE_LOGOUT_SERVICE=http://localhost/simplesaml/module.php/saml/sp/saml2-logout.php/test-sp \
-d kenchan0130/simplesamlphp
Using docker-compose
version: "3"
services:
idp:
image: kenchan0130/simplesamlphp
container_name: idp
ports:
- "8080:8080"
environment:
SIMPLESAMLPHP_SP_ENTITY_ID: http://app.example.com
SIMPLESAMLPHP_SP_ASSERTION_CONSUMER_SERVICE: http://localhost/simplesaml/module.php/saml/sp/saml2-acs.php/test-sp
SIMPLESAMLPHP_SP_SINGLE_LOGOUT_SERVICE: http://localhost/simplesaml/module.php/saml/sp/saml2-logout.php/test-sp
There are two static users configured in the IdP with the following data:
| Username | Password |
|---|---|
| user1 | password |
| user2 | password |
And there is one admin:
| Username | Password |
|---|---|
| admin | secret |
Environment Variables
| Name | Required/Optional | Description |
|---|---|---|
SIMPLESAMLPHP_SP_ENTITY_ID |
Required | The entity ID of your SP. |
SIMPLESAMLPHP_SP_ASSERTION_CONSUMER_SERVICE |
Requried | The assertion consumer service of your SP. |
SIMPLESAMLPHP_SP_SINGLE_LOGOUT_SERVICE |
Optional | The single logout url of your SP. |
SIMPLESAMLPHP_IDP_ADMIN_PASSWORD |
Optional | The password of admin of this IdP. Default is secret. |
SIMPLESAMLPHP_IDP_SECRET_SALT |
Optional | This is a secret salt used by this IdP when it needs to generate a secure hash of a value. Default is defaultsecretsalt. |
SIMPLESAMLPHP_IDP_SESSION_DURATION_SECONDS |
Optional | This value is the duration of the session of this IdP in seconds. |
SIMPLESAMLPHP_IDP_BASE_URL |
Optional | This value allows you to override the base URL. Valuable for setting an https:// base url behind a reverse proxy. If you set this variable, please end it with a trailing / example: https://my.proxy.com/ Default is `` (empty string). |
Advanced Usage
Customize IdP Users
If you want to customize IdP users, you can define your own users by mounting a configuration file.
<?php
// These attributes mimic those of Azure AD.
$test_user_base = array(
'http://schemas.microsoft.com/identity/claims/tenantid' => 'ab4f07dc-b661-48a3-a173-d0103d6981b2',
'http://schemas.microsoft.com/identity/claims/objectidentifier' => '',
'http://schemas.microsoft.com/identity/claims/displayname' => '',
'http://schemas.microsoft.com/ws/2008/06/identity/claims/groups' => array(),
'http://schemas.microsoft.com/identity/claims/identityprovider' => 'https://sts.windows.net/da2a1472-abd3-47c9-95a4-4a0068312122/',
'http://schemas.microsoft.com/claims/authnmethodsreferences' => array('http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/password', 'http://schemas.microsoft.com/claims/multipleauthn'),
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress' => '',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname' => '',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname' => '',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name' => ''
);
$config = array(
'admin' => array(
'core:AdminPassword',
),
'example-userpass' => array(
'exampleauth:UserPass',
'user1:password' => array_merge($test_user_base, array(
'http://schemas.microsoft.com/identity/claims/objectidentifier' => 'f2d75402-e1ae-40fe-8cc9-98ca1ab9cd5e',
'http://schemas.microsoft.com/identity/claims/displayname' => 'User1 Taro',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress' => '[email protected]',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname' => 'Taro',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname' => 'User1',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name' => '[email protected]'
)),
'user2:password' => array_merge($test_user_base, array(
'http://schemas.microsoft.com/identity/claims/objectidentifier' => 'f2a94916-2fcb-4b68-9eb1-5436309006a3',
'http://schemas.microsoft.com/identity/claims/displayname' => 'User2 Taro',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress' => '[email protected]',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname' => 'Taro',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname' => 'User2',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name' => '[email protected]'
)),
),
);
If you save this source as authsources.php, you can customize IdP users by volume mount like:
docker run command
docker run --name=idp \
-p 8080:8080 \
-e SIMPLESAMLPHP_SP_ENTITY_ID=http://app.example.com \
-e SIMPLESAMLPHP_SP_ASSERTION_CONSUMER_SERVICE=http://localhost/simplesaml/module.php/saml/sp/saml2-acs.php/test-sp \
-e SIMPLESAMLPHP_SP_SINGLE_LOGOUT_SERVICE=http://localhost/simplesaml/module.php/saml/sp/saml2-logout.php/test-sp \
-v $PWD/authsources.php:/var/www/simplesamlphp/config/authsources.php \
-d kenchan0130/simplesamlphp
docker-compose
version: "3"
services:
idp:
image: kenchan0130/simplesamlphp
container_name: idp
ports:
- "8080:8080"
environment:
SIMPLESAMLPHP_SP_ENTITY_ID: http://app.example.com
SIMPLESAMLPHP_SP_ASSERTION_CONSUMER_SERVICE: http://localhost/simplesaml/module.php/saml/sp/saml2-acs.php/test-sp
SIMPLESAMLPHP_SP_SINGLE_LOGOUT_SERVICE: http://localhost/simplesaml/module.php/saml/sp/saml2-logout.php/test-sp
volumes:
- authsources.php:/var/www/simplesamlphp/config/authsources.php
For detailed attributes, see SimpleSAMLphp Identity Provider QuickStart#Authentication module.
Customize SP remote metadata reference
If you want to customize SP remote metadata reference, you can define your own users by mounting a configuration file.
<?php
/* The index of the array is the entity ID of this SP. */
$metadata['entity-id-1'] = array(
'AssertionConsumerService' => 'http://localhost/simplesaml/module.php/saml/sp/saml2-acs.php/test-sp',
ForceAuthn => true
);
$metadata['entity-id-2'] = array(
'AssertionConsumerService' => 'http://localhost/saml/acs',
'SingleLogoutService' => 'http://localhost/saml/logout'
);
If you save this source as saml20-sp-remote.php, you can customize IdP users by volume mount like:
docker run command
docker run --name=idp \
-p 8080:8080 \
-v saml20-sp-remote.php:/var/www/simplesamlphp/metadata/saml20-sp-remote.php \
-d kenchan0130/simplesamlphp
docker-compose
version: "3"
services:
idp:
image: kenchan0130/simplesamlphp
container_name: idp
ports:
- "8080:8080"
volumes:
- saml20-sp-remote.php:/var/www/simplesamlphp/metadata/saml20-sp-remote.php
For detailed attributes, see SP remote metadata reference#SAML 2.0 options.
Inspired By
License
MIT
Popular Identity Projects
Popular Saml Projects
Popular Security Categories
Related Searches
Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Php
Docker
Docker Compose
Identity
Saml