Install with composer
vendor/bin/composer require simplesamlphp/simplesamlphp-module-adfs
Next thing you need to do is to enable the module: in
config.php
, search for the module.enable
key and set adfs
to true:
'module.enable' => [
'adfs' => true,
…
],
View samples in metadata-templates
for defining your idp and any relying
parties/sps.
-
A
realm
is similar to an entityId from SAML.adfs-sp-remote.php
metadata array is based onrealm
. An IP STS is similar to an IdP. -
Some WS-Fed Relying Party applications want the assertion lifetime to be longer than the application's session lifetime. If not, the application will send the user to the IdP to login again, hoping for a longer lived assertion. SSP's default assertion lifetime is 5 minutes while SharePoint, by default, wants 10 minutes. Use the
assertion.lifetime
inadfs-sp-remote.php
to set the time greater than that set in SharePoint (which can be configured by adjustingLogonTokenCacheExpirationWindow
)