Anais Pantheor
Forum Replies Created
-
Forum: Plugins
In reply to: [WP SAML Auth] SAML Replay AttackHello @meenasekar,
Thank you for the report! We are looking into this now and will work on a fix if any adjustments are needed in the plugin code.We appreciate your patience while we get this sorted.
Forum: Plugins
In reply to: [WP SAML Auth] Allow multiple MFA types@sentrypress, find this excerpt from the readme.txt about installing the filter.
Where to add configuration code: When using the filter-based configuration approach, add your code to a location that loads before the plugin initializes. You can create a custom must-use plugin or add the code to your theme’sfunctions.phpfile (note: theme-based configuration will need to be migrated if you switch themes).Forum: Plugins
In reply to: [WP SAML Auth] Allow multiple MFA typesHi @sentrypress, thank you for the update.
Would you mind first confirming that you have added the following filter? Without it set up, the problem will persist.
readme.txt
If you’re using the OneLogin connection type and need to modify theinternal_config(e.g. to setrequestedAuthnContexttofalse), you can use thewp_saml_auth_internal_configfilter:/** * Modify the OneLogin SAML configuration. */ add_filter( 'wp_saml_auth_internal_config', function( $config ) { $config['security'] = array( 'requestedAuthnContext' => false, ); return $config; } );Hopefully, this should be enough to fix the sso error.
Forum: Plugins
In reply to: [WP SAML Auth] Authcontext prevents loginHi @shonu, it looks like you have missing values in your configuration:
idp_entityId_not_foundidp_sso_not_foundidp_cert_or_fingerprint_not_foundWere they setup along with the other values?
- This reply was modified 2 months, 4 weeks ago by Anais Pantheor.
Forum: Plugins
In reply to: [WP SAML Auth] Authcontext prevents loginHi @shonu,
The functionswpsa_filter_optionandwp_saml_auth_internal_configshould be added to a custom mu-plugin (must-use plugin) to prevent them from being overwritten during updates. Alternatively, you can add these filters to your theme’sfunctions.phpfile, though they would also be at risk of being overwritten if the theme updates. While they could be added directly to our plugin files, they would be lost during our next plugin update.The connection type is a matter of preference:
- OneLogin: This library is bundled with the plugin, configured via WordPress filters or the Settings page. This is the recommended one.
- SimpleSAMLphp: Requires a separate Composer installation and manual configuration files.
In your case, the
RequestAuthissue can be resolved by adding thewp_saml_auth_internal_configfilter to a mu-plugin (or similar). Just ensure it loads before our plugin to take full effect. This filter only works when connection_type is set to ‘internal’.I apologize for any confusion, and I hope I’m not over-explaining or missing your point. We have updated the README to clarify these configuration steps. If you have any further questions, please let us know!
Example: Create /wp-content/mu-plugins/wp-saml-auth-config.php with:<?php
// Set connection type to internal (bundled OneLogin library)
add_filter( 'wp_saml_auth_option', function( $value, $option_name ) {
if ( 'connection_type' === $option_name ) {
return 'internal';
}
return $value;
}, 10, 2 );// Fix Azure AD requestedAuthnContext issue
add_filter( 'wp_saml_auth_internal_config', function( $config ) {
$config['security']['requestedAuthnContext'] = false;
return $config;
} );Forum: Plugins
In reply to: [WP SAML Auth] Authcontext prevents loginHi @shonu, the plugin update may have overwritten your configuration.
If the change was made directly in /wp-saml-auth.php, then the above configuration got updated.
You definitely need to double check your existing configurations, wherever they were updated that:'connection_type' => 'internal'
If not, please update.
Also, please check your requestedAuthnContext filter, it should look like this:add_filter( 'wp_saml_auth_internal_config', function( $config ) {
$config['security']['requestedAuthnContext'] = false;
return $config;
} );
The added fix mentioned above should fix the requestedAuthnContext issue overall.
Let us know how it goes.- This reply was modified 3 months ago by Anais Pantheor.
Forum: Plugins
In reply to: [WP SAML Auth] Authcontext prevents loginForum: Plugins
In reply to: [WP SAML Auth] Unnecessary Error LoggingHi @tekfused, as replied in a similar topic here: https://wordpress.org/support/topic/simplesamlphp-base-directory-missing-error/, the new release should remove this error log.
Let us know if you encounter any unexpected error logs.Forum: Plugins
In reply to: [WP SAML Auth] SimpleSAMLphp base directory Missing ErrorHi @meenasekar, the update has just been released. The log should be gone now. Let us know if anything arises.
Forum: Plugins
In reply to: [WP SAML Auth] Allow multiple MFA typesHello @sentrypress, the update has been released. Please let us know if this improve your experience with the plugin.
Forum: Plugins
In reply to: [WP SAML Auth] Allow multiple MFA typesHello, we will be releasing it in the next few days. Thank you for your patience.