3 Reasons not to use SimpleSAMLphp to provide SSO support to your PHP application.

First off I want to say that I’m sure that SimpleSAMLphp has some really great applications/uses.  As they say on their site they’ve won some awards.   However in my experience this application has several large drawbacks that prevent it from being usable for many projects.

  1. Installation?
    • If I’m going to do something with simpleSAMLphp like write an extension for a CMS or add it for use in an application that I want to wrap up for easy deployment I ABSOLUTELY DO NOT want to require people to install SimpleSAMLphp on their own to use my software.
    • This isn’t cross platform friendly (at least not in the documentation) a.k.a. no windows install instructions.
    • Granted if you download it and put it in your application you can access the pages (in module core) but that leads to…
  2. Not external database friendly.
    • Trying to make the config files dynamic is like pulling teeth.  If you try to require() anything it more than likely won’t function correctly.  I tested several scripts to parse external data from my database to set the parameters in config.php file but every-time I tried to load the  ‘/www/module.php/core/frontpage_welcome.php’ my database object would fail.
    • What is the point of forcing your end users to manually configure a php file when this should be done from the application we are trying to build for them.
  3.  It’s bulky.
    • 1289 files
    • 462 folders
    • 6.77 MB (after unzip)
    • Integrating SAML into an application should not be this expensive…

I hope that they find a way to release a “lite” version of this application that make it more accessible to other application projects.

For now I would recommended looking at PHP SAML by OneLogin.  No installation required,  its much lighter and looks like it’s much easier to integrate with applications.  I’ll let you know my development with this one goes.

WordPress Development Environment on Windows

I recently decided that I wanted to start contributing a little bit of time each week to the WordPress project.  Since I’ve already written a couple of extensions and administrate quite a few WordPress sites I figure it’s time to start giving back to the project.

The Core Contributor handbook outlines quite a bit of things you need to know in order to get started but there are always things that are linked to that start to fall out of date as time marches forward.

One step that I recently wanted to take was getting set up to perform unit tests.  As a developer I’ll be the first to admit guilt in not creating these for projects but for big projects like WordPress with distributed development and thousands of tickets it’s imperative that we have unit tests.

In this guide I will cover how to setup a complete WordPress development environment on Windows.  I’ll be covering everything from server (localhost) to SVN to Composer to PHPUnit.  We’ve got our work cut out for us so let’s get started.

Continue reading…