Integrating simpleSAMLphp (SAML 2.0) with CMS Made Simple (CMSMS)

Question

I'm trying to build a service proviuder (SP) site for a client using a SAML2.0 based user ID system.

I've been able to install simpleSAMLphp on my server and have tested it with an open IdP authentication network - all is working fine if I just create php files which demand authentication against this IdP. Simple adding this to any page makes it work.

require_once('../simplesamlphp/lib/_autoload.php');
$auth = new SimpleSAML_Auth_Simple('default-sp');
$auth->requireAuth();
$attributes = $auth->getAttributes();

Within CMSMS however, if I add the above as a user defined smarty tag (the usual way of including php) I get a "state lost" error. I've tried adding it to the page meta data (via the content interface) as well as simply in the body of the page or at the head of the template.

I always get:

State information lost
State information lost, and no way to restart the request

Does anyone have any ideas what could be going wrong? I've tried the usual fixes for this error messages (adjusting the domain the cookies are assigned to in php.ini etc). No joy.

Answer 1

This seems like conflicting session management between simpleSAMLphp and CMSMS.

A simple way around this is to install memcached, and use the memcache session handler instead of the php session handler in simplesamlphp.

• http://simplesamlphp.org/docs/stable/simplesamlphp-maintenance#section_2_1

Answer 2

similar session conflict is also with eZ publish (4.x) and Symfony2 (2.3+). SQL session storage solves that problem