You need to have the xmlsec1 and xmlsec1-openssl packages installed before installing Products.SAML2Plugins. The package names differ between operating systems:

  • macOS: brew install libxmlsec1

  • RedHat 9 and derivatives: dnf install xmlsec1 xmlsec1-openssl

  • Ubuntu 22.04: apt-get install xmlsec1


If you need to support newer digest, signature or encryption algorithms make sure to install xmlsec1 version 1.3.0 or higher. The German Elster Identity Provider, for example, requires algorithms not supported by earlier versions.

Building xmlsec1 from source

If you build xmlsec1 from source in non-standard filesystem locations you may run into issues loading the library. On Linux you can set the environment variable LD_LIBRARY_PATH to the path where the library can be loaded. For example, if you set the --prefix configure script setting to /home/zope/local the xmlsec1 library will be installed into /home/zope/local/lib. To find it, set LD_LIBRARY_PATH=/home/zope/local/lib. If you use plone.recipe.zope2instance to build your Zope instance, simply add the following to its buildout section to set the variable automatically:

environment-vars =
    LD_LIBRARY_PATH /home/zope/local/lib

Install with pip

$ pip install Products.SAML2Plugins

Install with zc.buildout

Just add Products.SAML2Plugins to the eggs setting(s) in your buildout configuration to have it pulled in automatically:

eggs =