@@ -23,7 +23,7 @@ Examples of neat things to do using Authentication Processing Filters:
* Ask the user for consent, before the user is sent back to a service.
* Implement basic Access Control on the IdP (not neccessarily a good idea), limiting access for some users to some SPs.
Be aware that Authentication Proccessing Filters do replace some of the preivous features in SimpleSAMLphp, named:
Be aware that Authentication Proccessing Filters do replace some of the previous features in SimpleSAMLphp, named:
*`attributemap`
*`attributealter`
...
...
@@ -176,4 +176,6 @@ Requirements for authentication processing filters:
- No state information should be stored in the filter object. It must instead be stored in the request state array. Any changes to variables in the filter object may be lost.
- The filter object must be serializable. It may be serialized between being constructed and the call to the `process`-function. This means that, for example, no database connections should be created in the constructor and later used in the `process`-function.
*Note*: An Auth Proc Filter will not work in the "Test authentication sources" option in the web UI of a SimpleSAMLphp IdP. It will only be triggered in conjunction with an actual SP. So you need to set up an IdP *and* and SP when testing your filter.
Don't hestitate to ask on the SimpleSAMLphp mailinglist if you have problems or questions, or want to share your *Auth Proc Filter* with others.
