New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Consider adding SAML support for the security component #19992

Open
javiereguiluz opened this Issue Sep 20, 2016 · 3 comments

Comments

Projects
None yet
3 participants
@javiereguiluz
Member

javiereguiluz commented Sep 20, 2016

Context

SAML (Security Assertion Markup Language) is an XML-based, open-standard data format for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider.

Problem

SAML is increasingly popular among companies, academic institutions and other high-profile entities which are the target of Symfony. For example, providing SAML support is one of the big new features recently announced by GitHub (details)

Symfony Security doesn't provide support for SAML, but other comparable projects do: Django through djangosaml2 and Spring through Spring Security SAML.

Solution

Not so long ago we added support for LDAP, so adding new big security features is something that Symfony is open to do.

If you think this doesn't belong to Symfony Core, then I'd say it doesn't belong either to a third-party project, because it's too important and too critical to do it right. So, maybe Symfony could create some pseudo-official projects (second-party projects?) to provide features that don't belong to core but are considered important.

@fabpot

This comment has been minimized.

Member

fabpot commented Sep 20, 2016

I agree that SAML support in Symfony would be great, but we would need a sponsor for that. Like for LDAP. SensioLabs sponsored the dev because we had a need.

@mvrhov

This comment has been minimized.

Contributor

mvrhov commented Sep 22, 2016

https://github.com/lightSAML/SpBundle And probably others. cannot sort by popularity on packagist

@javiereguiluz

This comment has been minimized.

Member

javiereguiluz commented Mar 9, 2018

Just for reference: Spring Framework, which Symfony Security component is based on, announced this week that SAML is so important that they are promoting it from an extension to the core of Spring Security (https://spring.io/blog/2018/03/05/spring-security-saml-roadmap).

Hopefully we can find a volunteer whit lots of SAML experience and who knows Symfony Security well and can contribute this feature. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment