SimpleSAMLphp + Nginx

Ugh, this was weeks in the making. I want to use SimpleSAMLphp but I prefer Nginx over Apache. As of right now I can’t find any official documentation for installing on Nginx but they say it should work and shouldn’t be too hard. There’s a couple of threads out there but they were all old configs (two plus years) and none of them worked for me. Finally, after many hours (including giving up for a couple of weeks and just firing up a dedicated Apache server before coming back) I finally found one that works for me.

First, don’t clone from git but download the most recent version as a zipped resources. This is important because the paths in git (I think) aren’t all setup completely and are expected to be resolved via some dependency resolver.

Second, extract the zip file somewhere, in my case /var/www/simplesamlphp.

Third, use this for your location block:

    location ^~ /simplesaml {
        alias /var/www/simplesamlphp/www;
        location ~ ^(?/simplesaml)(?.+?\.php)(?/.*)?$ {
          include fastcgi_params;
          fastcgi_pass unix:/var/run/php5-fpm.sock;
          fastcgi_param SCRIPT_FILENAME $document_root$phpfile;
          fastcgi_param PATH_INFO       $pathinfo if_not_empty;
        }
    }

If you want to use a different URL endpoint you can change simplesaml above in the location lines to match your value in config/config.php for the baseurlpath value.

  • Peter Nixon

    Using your nginx config generates this error for me:
    nginx: [emerg] pcre_compile() failed: unrecognized character after (? or (?- in “^(?/simplesaml)(?.+?.php)(?/.*)?$” at “/simplesaml)(?.+?.php)(?/.*)?$” in /etc/nginx/nginx.conf:89
    nginx: configuration file /etc/nginx/nginx.conf test failed

    • Did you find a solution?

      • Peter Nixon

        Absolutely. The solution given by Chris is correct however I think his config snippet got butchered by wordpress when he posted it to the blog. This is how it should look:

        location ^~ /simplesaml {
        alias /var/www/simplesamlphp/www;
        location ~ ^(?/simplesaml)(?.+?.php)(?/.*)?$ {
        include fastcgi_params;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$phpfile;
        fastcgi_param PATH_INFO $pathinfo if_not_empty;
        }
        }

    • Spleshka

      Thanks mate for sharing, this solution works for me.