[UNMAINTAINED] SSO security filter for symfony1.4
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.



The knpSsoPlugin is a symfony 1.4 plugin that provides authentication via SSO above the standard security feature of symfony.

It gives you the model (user) and the modules (frontend) to secure your symfony application in a minute in a configurable plugin. It does not require a database as the user infos are only stored in the user session.

Credits go to the knpLabs team.


  • Install the plugin (via a git submodule)

    git submodule add git://github.com/knplabs/knpSsoPlugin.git plugins/knpSsoPlugin
  • Activate the plugin in the config/ProjectConfiguration.class.php

    class ProjectConfiguration extends sfProjectConfiguration
      public function setup()

Secure your application

To secure a symfony application:

  • Enable the module knpSsoAuth in settings.yml

        enabled_modules: [..., knpSsoAuth]
  • Change the default login and secure modules in settings.yml

    login_module:           knpSsoAuth
    login_action:           signin
    secure_module:          knpSsoAuth
    secure_action:          secure
  • Change the parent class in myUser.class.php

    class myUser extends knpSsoSecurityUser
  • Optionally add the following routing rules to routing.yml

      url:   /login
      param: { module: knpSsoAuth, action: signin }
      url:   /logout
      param: { module: knpSsoAuth, action: signout }

    You can customize the url parameter of each route.

    These routes are automatically registered by the plugin if the module knpSsoAuth is enabled unless you defined knp_sso_plugin_routes_register to false in the app.yml configuration file:

        routes_register: false
  • Secure some modules or your entire application in security.yml

      is_secure: true
  • Configure your SSO server in your app.yml

        # sso_plugin_signin_form: knpSsoFormSignin
        # sso_key_parameter: sso_key                     # name of the GET parameter you will use
        # sso_fetcher_class: knpSsoFetcher
          method: demo.validateSso
          url: http://www.knplabs.com/xmlrpc.php
  • You're done. Now, if you try to access a secure page with a valid sso_key as a parameter, you will have access to the page.

Customize knpSsoAuth module actions

If you want to customize or add methods to the knpSsoAuth:

  • Create a knpSsoAuth module in your application

  • Create an actions.class.php file in your actions directory that inherit from BaseknpSsoAuthActions (don't forget to include the BaseknpSsoAuthActions as it can't be autoloaded by symfony)

    class knpSsoAuthActions extends BaseknpSsoAuthActions
      public function executeNewAction()
        return $this->renderText('This is a new knpSsoAuth action.');

knpSsoSecurityUser class

This class inherits from the sfBasicSecurityUser class from symfony and is used for the user object in your symfony application (because you changed the myUser base class earlier).

So, to access it, you can use the standard $this->getUser() in your actions or $sf_user in your templates.

knoSsoSecurityUser adds some methods:

  • signIn() and signOut() methods


knpSsoPlugin comes with a validator that you can use in your modules: knpSsoValidatorUser.