3 Reasons not to use SimpleSAMLphp to provide SSO support to your PHP application.

First off, I want to say that I’m sure that SimpleSAMLphp has some really great applications/uses. As they say on their site, they’ve won some awards. However, in my experience this application has several large drawbacks that prevent it from being usable for many projects.

  1. Installation?
    • If I’m going to do something with SimpleSAMLphp, like write an extension for a CMS or add it for use in an application that I want to wrap up for easy deployment, I ABSOLUTELY DO NOT want to require people to install SimpleSAMLphp on their own to use my software.
    • This isn’t cross-platform friendly (at least not in the documentation), a.k.a. no Windows install instructions.
    • Granted, if you download it and put it in your application you can access the pages (in module core), but that leads to…
  2. Not external database friendly.
    • Trying to make the config files dynamic is like pulling teeth. If you try to require() anything, it more than likely won’t function correctly. I tested several scripts to parse external data from my database to set the parameters in the config.php file, but every time I tried to load ‘/www/module.php/core/frontpage_welcome.php’ my database object would fail.
    • What is the point of forcing your end users to manually configure a PHP file when this should be done from the application we are trying to build for them?
  3. It’s bulky.
    • 1289 files
    • 462 folders
    • 6.77 MB (after unzip)
    • Integrating SAML into an application should not be this expensive…

I hope that they find a way to release a “lite” version of this application that makes it more accessible to other application projects.

For now, I would recommend looking at PHP SAML by OneLogin. No installation required, it’s much lighter, and it looks like it’s much easier to integrate with applications. I’ll let you know how my development with this one goes.