Creating SAML Server

Source: helloitsliam.com,support.citrix.com, simplesamlphp.org, citrix.com

• Prerequisites:

Ubuntu Server - VM or Physical box
Internet connectivity 

• Update Ubuntu

sudo apt-get update
sudo apt-get upgrade

• Install PHP, Apache2 & related libraries:

sudo apt-get install php7.0 apache2 php7.0-mcrypt php7.0-ldap php7.0-mysql libapache2-mod-php7.0 php-xml

• Installing SimpleSAMLphp binaries:

cd /var
sudo wget https://github.com/simplesamlphp/simplesamlphp/releases/download/v1.14.12/simplesamlphp-1.14.12.tar.gz
sudo tar zxf simplesamlphp-1.14.12.tar.gz
cd simplesamlphp-1.14.12/
sudo mv simplesamlphp-1.14.12 simplesamlphp
sudo rm -f simplesamlphp-1.14.12.tar.gz 
cd simplesamlphp/

• Configuring SimpleSAML php:

sudo nano /var/simplesamlphp/config/config.php
sudo nano /var/simplesamlphp/config/authsources.php
sudo nano /var/simplesamlphp/metadata/saml20-idp-hosted.php
sudo nano /var/simplesamlphp/metadata/saml20-sp-remote.php

• Pointing Apache to SimpleSAMLphp

sudo nano /etc/apache2/sites-available/000-default.conf

• Now check if application is accessible over HTTP:

http://<ip-address-of-server>/simplesamlphp

• Enabling Secure (read SSL) access:

cd /etc/apache2/
sudo mkdir ssl

sudo openssl genrsa -des3 -out Certificate.key 4096
sudo openssl rsa -in Certificate.key -out Certificate.pem
sudo openssl req -new -key Certificate.key -out Certificate.csr
sudo openssl x509 -req -days 9999 -in Certificate.csr -signkey Certificate.key -out Certificate.crt

sudo a2enmod ssl
sudo service apache2 restart

sudo nano /etc/apache2/sites-available/000-default.conf
sudo a2ensite ssl
sudo a2enmod ssl
sudo service apache2 restart

sudo phpenmod mcrypt
sudo service apache2 restart

• Now the page should be available over https:

https://<ip-address-of-server>/simplesamlphp

References

{{#widget:DISQUS |id=networkm |uniqid=SAML Server |url=https://aman.awiki.org/wiki/SAML_Server }}