
How do I get the username once logged in with mod_auth_mellon?


I am trying to set up SSO for a PHP web application. I have configured mod_auth_mellon with Apache to redirect to my IdP auth page, and am getting a cookie in response to the login.

My httpd.conf contains the following:

MellonCacheSize 100
MellonLockFile "/var/run/mod_auth_mellon.lock"
MellonPostTTL 900
MellonPostSize 1048576
MellonPostCount 100

<Location /secret>
   Require valid-user
   AuthType "Mellon"
   MellonEnable "auth"
   MellonVariable "cookie"
   MellonSecureCookie On
   MellonCookiePath /
   MellonUser "NAME_ID"
   MellonMergeEnvVars On
   MellonMergeEnvVars On ":"
   MellonEnvVarsIndexStart 1

   MellonSessionDump Off
   MellonSamlResponseDump Off

   MellonEndpointPath "/secret/endpoint"
   MellonDefaultLoginPath "/"

   MellonSessionLength 86400
   MellonNoCookieErrorPage "https://example.com/no_cookie.html"
   MellonSPMetadataFile /etc/apache2/mellon/sp-metadata.xml
   MellonSPPrivateKeyFile /etc/apache2/ssl.key
   MellonSPCertFile /etc/apache2/ssl.crt
   MellonIdPMetadataFile /etc/apache2/mellon/idp-metadata.xml

   MellonSamlResponseDump Off
   MellonSessionDump Off
   MellonAuthnContextClassRef "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
   MellonECPSendIDPList Off
   MellonRedirectDomains [self]
</Location>

I am getting a result when I have an index.php:

<?php
print_r( $_COOKIE["mellon-cookie"] );
?>

It looks like: 6ce7d6484360f5a98683e0ae87738635

How do I use this to get the username to send to my application?

Edit: I've tried looking at the output of the following:

print_r( $_REQUEST );
print_r( $_SESSION );
print_r( $_POST );
print_r( $_GET );

Solution

  • The data is stored in the $_SERVER variable in PHP.

    The following PHP prints all keys and values.

    <?php
    header('Content-Type: text/plain');

    // mod_auth_mellon exports its values as MELLON_* entries in $_SERVER.
    foreach ($_SERVER as $key => $value) {
      if (substr($key, 0, 7) === 'MELLON_') {
        echo($key . '=' . $value . "\r\n");
      }
    }
    ?>
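
One way to turn those variables into a username for the application, as an added example that is not part of the original answer. It assumes mod_php (so the Apache environment appears in $_SERVER) and the question's MellonUser "NAME_ID" and MellonMergeEnvVars On ":" settings; the function names, the "groups" attribute and the sample values are made up for illustration.

```php
<?php
// Added example, not part of the original answer. Assumes mod_php, so the
// Apache environment set by mod_auth_mellon shows up in $_SERVER.

/**
 * Return the NameID Mellon exported, or null if there is none.
 * With MellonUser "NAME_ID" this is also the Apache user (REMOTE_USER).
 * The raw value is returned unsplit: a NameID may itself contain ":".
 */
function mellon_username(array $server): ?string
{
    $name = $server['MELLON_NAME_ID'] ?? null;
    return (is_string($name) && $name !== '') ? $name : null;
}

/**
 * Collect MELLON_* attributes as lists. MellonMergeEnvVars On ":" joins
 * multi-valued attributes with ":", so they are split back here. A value
 * that contains ":" itself cannot be told apart from a merged list.
 */
function mellon_attributes(array $server, string $separator = ':'): array
{
    $attrs = [];
    foreach ($server as $key => $value) {
        // Exact prefix match: request headers arrive as HTTP_* keys, so a
        // client-sent "Mellon-Name-Id" header becomes HTTP_MELLON_NAME_ID
        // and is never picked up here.
        if (strncmp((string) $key, 'MELLON_', 7) !== 0 || !is_string($value)) {
            continue;
        }
        $attrs[substr($key, 7)] = explode($separator, $value);
    }
    return $attrs;
}

// Constructed sample of what $_SERVER could hold after login (values invented).
$sample = [
    'MELLON_NAME_ID'      => 'alice@example.com',
    'MELLON_groups'       => 'staff:admins',       // hypothetical attribute
    'HTTP_MELLON_NAME_ID' => 'other@example.com',  // client-sent header, ignored
];

$user = mellon_username($sample);  // in the application: mellon_username($_SERVER)
if ($user === null) {
    http_response_code(401);       // fail closed when Mellon set no identity
    exit("not authenticated\n");
}
echo "user: $user\n";
echo 'groups: ' . implode(', ', mellon_attributes($sample)['groups'] ?? []) . "\n";
```

The mellon-cookie value from the question is only a session identifier; the identity lives in the server-side variables read above.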