Just a quickie for those who are trying to integrate SAML authentication into their app using SimpleSAMLphp.

Here’s the problem: You’ve set up your client SP, and you’re talking to a remote IdP. You’ve tested your authentication using the SimpleSAML web interface on your SP, but whenever you try it from your app, you hit an exception.

SimpleSAML_Error_Error: UNHANDLEDEXCEPTION
Backtrace:
0 /path/to/simplesamlphp-1.13.2/www/module.php:179 (N/A)
Caused by: Exception: The POST data we should restore was lost.
Backtrace:
1 /path/to/simplesamlphp-1.13.2/modules/core/www/postredirect.php:38 (require)
0 /path/to/simplesamlphp-1.13.2/www/module.php:134 (N/A)

Assuming no esoteric input filtering, the problem is likely to be in your cookie settings.

If your app creates its own session, it is likely to be creating its own cookie with its own name. E.g.

session_name('FooApp');

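You must configure SimpleSAMLphp to use the same session name: in config.php, set 'session.phpsession.cookiename' => 'FooApp' to match. Otherwise your app and SimpleSAMLphp's own pages look for the session under different cookie names, and the saved POST data can't be found when the redirect comes back.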
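A quick way to confirm the mismatch before and after the change. This is an added example, not code from SimpleSAMLphp or from the original post. The function name and the sample arrays are hypothetical, and it assumes that an unset or null cookie name makes SimpleSAMLphp fall back to PHP's own session.name.

```php
<?php
// Added example: checks whether SimpleSAMLphp and the application agree on
// the PHP session cookie name. Names and sample values are hypothetical.

/**
 * Returns null when the names agree, otherwise a message describing the
 * mismatch. $sspConfig is the $config array defined in config.php.
 */
function sessionNameMismatch(array $sspConfig, string $appSessionName): ?string
{
    // The option only matters for the PHP session store
    // (assumed to be the default when 'store.type' is unset).
    $store = $sspConfig['store.type'] ?? 'phpsession';
    if ($store !== 'phpsession') {
        return null;
    }

    // Assumption: with the option unset or null, PHP's session.name is used.
    $sspName = $sspConfig['session.phpsession.cookiename'] ?? ini_get('session.name');
    if ($sspName === $appSessionName) {
        return null;
    }

    return sprintf(
        "SimpleSAMLphp uses cookie '%s' but the app uses '%s'",
        $sspName,
        $appSessionName
    );
}

// Constructed sample configs standing in for the $config array in config.php.
$before = ['store.type' => 'phpsession', 'session.phpsession.cookiename' => null];
$after  = ['store.type' => 'phpsession', 'session.phpsession.cookiename' => 'FooApp'];

foreach (['before' => $before, 'after' => $after] as $label => $cfg) {
    // 'FooApp' is the name the app passes to session_name().
    $problem = sessionNameMismatch($cfg, 'FooApp');
    echo $label, ': ', $problem ?? 'session names match', PHP_EOL;
}
```

To check a real install, include your SimpleSAMLphp config.php (it defines $config) and pass that array in place of the constructed samples.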

Simple… but it took me quite a while of being convinced I’d screwed up the server config to track down!

Hope this saves someone some time.