SAML data is not available by default. You will need to fill out a request form to receive access to the data you need. SAML data is much more limited than GTED. However, the number of fields that are available is growing all of the time.
https://iam.gatech.edu/gted/data_steward_request.html
Once that is setup....
Download the latest version of phpCAS. SAML support for phpCAS is evolving with each new version. You will need at least version 1.1.1 to ensure SAML support.
http://www.ja-sig.org/downloads/cas-clients/php/
Configuring phpCAS to handle SAML data is not terribly different than configuring it without. The key differences are to use the SAML 1.1 protocol and the ensure that you are using a valid certificate to validate the server and ensure that you receive the data. You must supply a certificate, you cannot use SAML if you use setNoCasServerValidation()
<?php// CAS Server Configuration$cas_host = 'login.gatech.edu';$cas_context = '/cas';$cas_port = 443;$cas_url = 'https://'.$cas_host;if ($cas_port != '443') { $cas_url = $cas_url.':'.$cas_port;}$cas_url = $cas_url.$cas_context;// Include phpCASinclude_once('CAS.php');// Uncomment to enable debugging// phpCAS::setDebug();// Initialize phpCASphpCAS::client(SAML_VERSION_1_1, $cas_host, $cas_port, $cas_context);// Do not validate the CAS server certificatephpCAS::setNoCasServerValidation();// Force CAS authentication on any page that includes this filephpCAS::forceAuthentication();?>
Now that we have configured our connection to gtLogin to send us SAML data, let's take a look at what we get back.
<?xml version="1.0" encoding="UTF-8"?><SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"> <SOAP-ENV:Header/> <SOAP-ENV:Body> <Response xmlns="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" IssueInstant="2010-05-06T13:34:14.361Z" MajorVersion="1" MinorVersion="1" Recipient="http://swdist1.oit.gatech.edu/samltest3.php" ResponseID="_cf1f21fe4852fd2fb75bcaa3b1ca2552"> <Status> <StatusCode Value="samlp:Success"/> </Status> <Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion" AssertionID="_2b3ee75807e051cbd6a39b5d908ad002" IssueInstant="2010-05-06T13:34:14.361Z" Issuer="localhost" MajorVersion="1" MinorVersion="1"> <Conditions NotBefore="2010-05-06T13:34:14.361Z" NotOnOrAfter="2010-05-06T13:34:44.361Z"> <AudienceRestrictionCondition> <Audience>http://swdist1.oit.gatech.edu/samltest3.php</Audience> </AudienceRestrictionCondition> </Conditions> <AttributeStatement> <Subject> <NameIdentifier>pwhite6</NameIdentifier> <SubjectConfirmation> <ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:artifact</ConfirmationMethod> </SubjectConfirmation> </Subject> <Attribute AttributeName="uid" AttributeNamespace="http://www.ja-sig.org/products/cas/"> <AttributeValue>pwhite6</AttributeValue> </Attribute> <Attribute AttributeName="cn" AttributeNamespace="http://www.ja-sig.org/products/cas/"> <AttributeValue>White, Peter</AttributeValue> </Attribute> </AttributeStatement> <AuthenticationStatement AuthenticationInstant="2010-05-06T13:34:14.200Z" AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified"> <Subject> <NameIdentifier>pwhite6</NameIdentifier> <SubjectConfirmation> <ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:artifact</ConfirmationMethod> </SubjectConfirmation> </Subject> </AuthenticationStatement> </Assertion> </Response> </SOAP-ENV:Body></SOAP-ENV:Envelope>
A long XML response. There is a lot of information in there but for our purposes, we only care about the attributes (in bold).
phpCAS has a getAttributes method which loads all of the attribute responses into an array. Here is a simple example of printing out the attributes you get back.
<h3>User Attributes</h3><ul><?phpforeach (phpCAS::getAttributes() as $key => $value) { if (is_array($value)) { echo '<li>', $key, ':<ol>'; foreach($value as $item) { echo '<li><strong>', $item, '</strong></li>'; } echo '</ol></li>'; } else { echo '<li>', $key, ': <strong>', $value, '</strong></li>'; }}?></ul>