
rahulgpai commented on August 17, 2024

Hi All,

I was able to fix the long chain of issues I was facing in configuring and getting this bundle to work together with fosUserBundle and fr3d ldap bundle. Finally. I am posting the solution here so that it may be of some help to someone!

This is how my config.yml looks -

# BeSimple SSO bundle related config values

be_simple_sso_auth:
    admin_sso:
        protocol:
            id: cas
            version: 2
        server:
            id: cas
            login_url: "%cas_login_url%"
            logout_url: "%cas_logout_url%"
            validation_url: "%cas_validation_url%"

# FOS user bundle related config values

fos_user:
    db_driver: orm # other valid values are 'mongodb', 'couchdb' and 'propel'
    firewall_name: main
    user_class: UserBundle\Entity\User

# FR3D ldap bundle related config values

fr3d_ldap:
    driver:
        host: "%ldap_host%"
        port: "%ldap_port%"
        username: "%ldap_connection_string%"
        password: "%ldap_password%"
    user:
        baseDn: "%ldap_base_dn%" #DC=wr, DC=loc #DC=example,DC=com
        filter: (&(ObjectClass=Person))
        attributes:
            - { ldap_attr: uid, user_method: setUsername }
            - { ldap_attr: sn, user_method: setName }
            - { ldap_attr: preferredlanguage, user_method: setLanguage }
            - { ldap_attr: mail, user_method: setEmail }

This is how my parameters.yml looks

parameters:
    database_host: 127.0.0.1
    database_port: null
    database_name: YourDataBaseNameComesHere
    database_user: root
    database_password: null
    mailer_transport: smtp
    mailer_host: 127.0.0.1
    mailer_user: null
    mailer_password: null
    secret: ThisCanBeAnything

    cas_login_url: YourCasLoginUrlComesHere
    cas_logout_url: YourCasLogOutUrlComesHere
    cas_validation_url: YourCasServiceValidateUrlComesHere

    # Below mentioned lines are important and have resolved issues related to Unknown SSH protocol error, Certificate name does not match host, Self Signed Certificate etc. Certainly setting verify host and verify peer to FALSE is applicable when NOT on production

    be_simple.sso_auth.client.option.curlopt_ssl_verifypeer.value: false
    be_simple.sso_auth.client.option.curlopt_ssl_verifyhost.value: false
    be_simple.sso_auth.client.option.curlopt_sslversion.value: 1

My routing.yml looks like this

login:
    path: /login
    defaults: { _controller: BeSimpleSsoAuthBundle:TrustedSso:login }

login_check:
    path: /login_check

logout:
    path: /logout

fos_user_security:
    resource: "@FOSUserBundle/Resources/config/routing/security.xml"

fos_user_profile:
    resource: "@FOSUserBundle/Resources/config/routing/profile.xml"

And finally the big piece in the puzzle, security.yml.
My security.yml looks like this [which finally made all of this work when put together]

security:
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    encoders:
        UserBundle\Entity\User: bcrypt

    providers:
        administrators:
            entity: { class: UserBundle\Entity\User }

Without adding the above provider, it was resulting in a redirection loop after successful CAS authentication and was throwing the error "The authentication is not validated by SSO provider". Didn't spend time to find the actual reason behind this, but having the above provider resolved it somehow.

        chain_provider:
            chain:
                providers: [fos_userbundle, fr3d_ldapbundle]

        fr3d_ldapbundle:
            id: fr3d_ldap.security.user.provider

        fos_userbundle:
            id: fos_user.user_provider.username

    firewalls:
        main:
            pattern: ^/

            #anonymous: ~ or true  uncommenting this line will result in the error loginAction expects $manager, null given error.

            form_login: ~
            provider: chain_provider
            trusted_sso:
                manager: admin_sso
                provider: chain_provider
                login_action: false #BeSimpleSsoAuthBundle:TrustedSso:login
                logout_action: false #BeSimpleSsoAuthBundle:TrustedSso:logout
                create_users: true
                created_users_roles: [ROLE_USER, ROLE_ADMIN]
                default_target_path: homepage
                always_use_default_target_path: true
                login_path: /login
                check_path: /

            logout:
                path: /logout
                target: /login

            remember_me:
                secret: '%secret%'
                lifetime: 604800 # one week in seconds
                path: /

These settings will perhaps take care of the possible 5-6 issues (listed below)

Unknown SSH protocol, Self Signed Certificate Error, Certificate Subject does not match Host, Authentication not validated by SSO provider, Looped Redirection and so on

These bothered me for quite a few days in setting this up and getting this working. Hope this helps someone !!!

from besimplessoauthbundle.
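The post marks the two `verify` parameters as non-production only, so a pre-deploy check can catch them if they travel with the rest of the config. The following is an added example, not part of the original post or of the bundle: a small Python lint over the settings shown above. The function names and finding labels are hypothetical, and it assumes `created_users_roles` is applied to every account that `create_users: true` creates on first SSO login.

```python
import re

# Constructed sample: the TLS parameters and trusted_sso options from the post above.
SAMPLE = """\
parameters:
    be_simple.sso_auth.client.option.curlopt_ssl_verifypeer.value: false
    be_simple.sso_auth.client.option.curlopt_ssl_verifyhost.value: false
    be_simple.sso_auth.client.option.curlopt_sslversion.value: 1
security:
    firewalls:
        main:
            trusted_sso:
                create_users: true
                created_users_roles: [ROLE_USER, ROLE_ADMIN]
"""

FALSY = {"false", "0", "no", "off"}
PRIVILEGED = {"ROLE_ADMIN", "ROLE_SUPER_ADMIN"}
LINE = re.compile(r"\s*([\w.]+):\s*(.*?)\s*(?:#.*)?$")

def settings(text):
    """Yield (line_no, key, value) for every 'key: value' line; comment lines are skipped."""
    for no, line in enumerate(text.splitlines(), 1):
        m = LINE.match(line)
        if m and m.group(2):
            yield no, m.group(1), m.group(2).strip("'\"")

def audit(text):
    """Return sorted (line_no, finding) pairs for settings that weaken the CAS login."""
    findings, create_users, role_line = [], False, None
    for no, key, value in settings(text):
        v = value.lower()
        if key.endswith("curlopt_ssl_verifypeer.value") and v in FALSY:
            findings.append((no, "tls-peer-unverified"))
        elif key.endswith("curlopt_ssl_verifyhost.value") and v != "2":
            # libcurl only checks the certificate name against the host when this is 2
            findings.append((no, "tls-host-unverified"))
        elif key == "create_users":
            create_users = v == "true"
        elif key == "created_users_roles" and PRIVILEGED & set(re.findall(r"ROLE_\w+", value)):
            role_line = no
    if create_users and role_line:
        findings.append((role_line, "auto-created-users-privileged"))
    return sorted(findings)

if __name__ == "__main__":
    for no, finding in audit(SAMPLE):
        print(f"line {no}: {finding}")
```

With both `verify` settings off, the CAS ticket validation response is accepted from any host that can answer on that connection, which is why the check treats them as blocking findings outside a development environment.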
