SimpleSAMLphp显示使用saml2与Microsoft Azure目录SSO集成时未找到saml2-acs.php(错误404)
我已经从我的web目录创建了一个链接,这样SimpleSAMLphp显示使用saml2与Microsoft Azure目录SSO集成时未找到saml2-acs.php(错误404),php,azure-active-directory,single-sign-on,saml-2.0,simplesamlphp,Php,Azure Active Directory,Single Sign On,Saml 2.0,Simplesamlphp,我已经从我的web目录创建了一个链接,这样https://resolute.organization.in/sso指向simplesaml目录/var/www/simplesamlphp/www 我的simpleSAML配置页面: 完整的链接https://resolute.organization.in/sso/module.php/saml/sp/saml2-acs.php/default-sp在测试身份验证源-->default-sp时显示404未找到 Myconfig.php: $c
https://resolute.organization.in/sso
指向simplesaml目录/var/www/simplesamlphp/www
我的simpleSAML配置页面:
完整的链接https://resolute.organization.in/sso/module.php/saml/sp/saml2-acs.php/default-sp
在测试身份验证源-->default-sp时显示404未找到
Myconfig.php:
$config = ['baseurlpath' => 'https://resolute.organization.in/sso/',
'secretsalt' => 'my_secret_salt',
'auth.adminpassword' => 'my_admin_pass',
];
$config = [
'admin' => [
'core:AdminPassword',
],
'default-sp' => [
'saml:SP',
'entityID' => 'https://resolute.organization.in/',
'idp' => 'https://sts.windows.net/{some-unique-key}/', //From metadata.xml for the app with entity ID in AD as *https://resolute.organization.in/*
'discoURL' => null,
'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
'simplesaml.nameidattribute' => 'eduPersonTargetedID',
],
]
$metadata['https://sts.windows.net/{some-unique-key}/'] = array (
'entityid' => 'https://sts.windows.net/{some-unique-key}/',
'contacts' =>
array (
),
'metadata-set' => 'saml20-idp-remote',
'SingleSignOnService' =>
array (
0 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
'Location' => 'https://login.microsoftonline.com/{some-unique-key}/saml2',
),
1 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
'Location' => 'https://login.microsoftonline.com/{some-unique-key}/saml2',
),
),
'SingleLogoutService' =>
array (
0 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
'Location' => 'https://login.microsoftonline.com/{some-unique-key}/saml2',
),
),
'ArtifactResolutionService' =>
array (
),
'NameIDFormats' =>
array (
),
'keys' =>
array (
0 =>
array (
'encryption' => false,
'signing' => true,
'type' => 'X509Certificate',
'X509Certificate' => '{really_long_key}',
),
),
);
Rest all是config.php中的默认值
Myauthsources.php:
$config = ['baseurlpath' => 'https://resolute.organization.in/sso/',
'secretsalt' => 'my_secret_salt',
'auth.adminpassword' => 'my_admin_pass',
];
$config = [
'admin' => [
'core:AdminPassword',
],
'default-sp' => [
'saml:SP',
'entityID' => 'https://resolute.organization.in/',
'idp' => 'https://sts.windows.net/{some-unique-key}/', //From metadata.xml for the app with entity ID in AD as *https://resolute.organization.in/*
'discoURL' => null,
'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
'simplesaml.nameidattribute' => 'eduPersonTargetedID',
],
]
$metadata['https://sts.windows.net/{some-unique-key}/'] = array (
'entityid' => 'https://sts.windows.net/{some-unique-key}/',
'contacts' =>
array (
),
'metadata-set' => 'saml20-idp-remote',
'SingleSignOnService' =>
array (
0 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
'Location' => 'https://login.microsoftonline.com/{some-unique-key}/saml2',
),
1 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
'Location' => 'https://login.microsoftonline.com/{some-unique-key}/saml2',
),
),
'SingleLogoutService' =>
array (
0 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
'Location' => 'https://login.microsoftonline.com/{some-unique-key}/saml2',
),
),
'ArtifactResolutionService' =>
array (
),
'NameIDFormats' =>
array (
),
'keys' =>
array (
0 =>
array (
'encryption' => false,
'signing' => true,
'type' => 'X509Certificate',
'X509Certificate' => '{really_long_key}',
),
),
);
saml20 idp remote.php中的我的元数据数组:
$config = ['baseurlpath' => 'https://resolute.organization.in/sso/',
'secretsalt' => 'my_secret_salt',
'auth.adminpassword' => 'my_admin_pass',
];
$config = [
'admin' => [
'core:AdminPassword',
],
'default-sp' => [
'saml:SP',
'entityID' => 'https://resolute.organization.in/',
'idp' => 'https://sts.windows.net/{some-unique-key}/', //From metadata.xml for the app with entity ID in AD as *https://resolute.organization.in/*
'discoURL' => null,
'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
'simplesaml.nameidattribute' => 'eduPersonTargetedID',
],
]
$metadata['https://sts.windows.net/{some-unique-key}/'] = array (
'entityid' => 'https://sts.windows.net/{some-unique-key}/',
'contacts' =>
array (
),
'metadata-set' => 'saml20-idp-remote',
'SingleSignOnService' =>
array (
0 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
'Location' => 'https://login.microsoftonline.com/{some-unique-key}/saml2',
),
1 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
'Location' => 'https://login.microsoftonline.com/{some-unique-key}/saml2',
),
),
'SingleLogoutService' =>
array (
0 =>
array (
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
'Location' => 'https://login.microsoftonline.com/{some-unique-key}/saml2',
),
),
'ArtifactResolutionService' =>
array (
),
'NameIDFormats' =>
array (
),
'keys' =>
array (
0 =>
array (
'encryption' => false,
'signing' => true,
'type' => 'X509Certificate',
'X509Certificate' => '{really_long_key}',
),
),
);
我的联盟页面:
[show metadata]链接也显示404,本例中URL栏中的链接为:
https://resolute.organization.in/sso/module.php/saml/sp/metadata.php/default-sp?output=xhtml
IdP元数据链接正确显示元数据数组
请帮我找出我在这里遗漏了什么,因为这几天来我一直在为这个问题绞尽脑汁。解决了这个问题,它与Nginx服务器配置有关,无法在一个链接中处理多个php页面。切换到Apache,一切正常。这取决于php如何处理url参数,以及在使用php fpm和NGINX或Apache mpm_worker/event时发生的情况。 要解决此问题,请设置 php.ini中的cgi.fix_pathinfo=1