Search Results :

×

SAML Single Sign-On (SSO) in Tableau Server (SP) | TYPO3 – Tableau Server SSO Login

Tableau Server SAML Single Sign-On (SSO) with TYPO3 as SAML IdP . TYPO3 SAML IdP extenstion gives you the ability to use your TYPO3 credentials to login into Tableau Server (SP). Here we will go through a step-by-step guide to configure SSO between Tableau Server as SP (Service Provider) and TYPO3 as IDP (Identity Provider).

Pre-requisites: Download and Installation

1. Installing SAML IDP extension in TYPO3
  • Download the zip file of the SAML IDP extension from TYPO3 marketplace
  • Go to your TYPO3 backend, and click on Extensions section at the left side of your screen.
  • Upload the zip file, as represented in the below image or you can unzip the plugin zip into 'Typo3 root folder/typo3conf/ext' directory.
    • Typo3 SAML idp SSO plugin
  • Now search for the "miniOrange SAML IDP" in Installed extensions section and activate the extension by clicking on activate button.
    • Typo3 SAML SSO create frontend
  • After installation, click on the newly installed extension "miniOrange SAML IDP extension" for TYPO3 SSO and login with your registered miniOrange credentials.
  • After entering username and password you will require license key to proceed further if you are a premium customer. (You will get this key from the miniOrange team. After entering license key, you can activate the license and proceed further.)
  • If you are not a premium customer you can direcly login submitting miniOrange credentials.
  • After successful login, you can see the details related to your account.
  • Now you are ready to configure your Service Provider. But, it's important to integrate frontend first.
2. Integrate extension with TYPO3
  • Now you have to design your frontend by left clicking on the Home tab then click on New Subpage
    • Typo3 SAML SSO create frontend
  • You need to add STANDARD page within the HOME page.
  • Enter the Standard Page name as: FESAML.
    • FESAML page Typo3 Single Sign-On
  • Click on FESAML Page and click on Add content. Go to plugins and add FESAML Plugin.
    • Typo3 SAML login add content
  • Navigate to plugin tab and select FESAML plugin. Add website users in Record Storage Page and save the settings.
    • Typo3 login add website users
  • If you need to make changes in URL segment, which will also be your initial SSO URL, right click on FESAML page, select edit and click on "toggle URL" button to set URL according to your way.
    • Typo3 SAML sign-in edit SSO URL
  • Also, you must create at least one group as TYPO3 doesn’t allow to create users unless there’s one usergroup at least.
  • To create group go to list tab from the left panel, click on Website users folder and hit the "+" button at the top of the screen.
    • create group Typo3 OIDC single sign on
  • Now select Websiteuser group ? from the list.
    • Typo3 SAML SSO website users group
  • Insert Group Name in group title section and click on Save button at the top. User group will be created.
    • User group created Typo3 SAML SSO
  • You can also create a SSO button on login page. Click on Home, proceed to the +Content option.
    • Typo3 SAML SSO add content
  • Switch to Special elements tab and select Plain HTML.
    • Plain html to create miniorange SSO button
  • Here what you will be doing is, you are adding SSO login button, URL in the button section will be of FESAML Standard Page.
  • The code snippet to do so is mentioned in the given image. Enter the code and hit the Save button at the top.
    • SSO button on frontend Typo3 SAML SSO
  • Now you can configure plugin in the backend.

Steps to configure Tableau Server SAML Single Sign-on ( SSO ) Login into TYPO3

1. Configure Tableau Server as Service Provider

  • Log in to your Tableau Services Manager as Admin Account.
  • Navigate to the Configuration tab and select User Identity & Access from left menu bar.
  • Click on Authentication Method.
Tableau Server Single Sign-On - click on configuration tab and select user identity & access, then click on authentication method

When you are configuring Tableau Server as SAML SP, follow these steps:

  • In the miniOrange SAML IDP extension, navigate to the "IDP Metadata" tab to find "IDP Entity ID/Issuer," "SAML Login URL," and "Certificate" fields (Optional). keep it handy.
    • IDP Entity ID/Issuer Enter your TYPO3 base URL
    SAML Login URL Enter your Fesaml page URL
    TYPO3 saml idp - idp metadata tab
miniorange img   In Tableau Step 1:
  • Select "SAML" under "Authentication Method".
  • Enable SAML authentication for the server by checking the box.
    • Tableau Server
    return URL    		 Enter the URL that Tableau Server users will access.
    SAML Entity ID The entity ID uniquely identifies your Tableau Server installation to the IDP. You can enter your Tableau Server URL again here.
    SAML certificate
    and key files    		 Click on Select File to upload the SAML x.509 certificate and SAML key.
    You can generate the self-signed certificate using OpenSSL using the following command
    openssl req -x509 -sha256 -nodes -newkey rsa:2048 -keyout cert.key -days 365 -out cert.crt
    Tableau Single Sign-On - enter the rquired information to configure tableau server as saml sp
miniorange img   In Tableau Step 2:
  • Click the "Download XML Metadata File" button to download the file. This file is required to set up TYPO3 as an IDP and keep it handy.
    • Tableau Single Sign-On - download xml metadata file and upload it service provider setup tab of TYPO3
miniorange img   In SAML IDP Extenstion Step 3:
  • Navigate to the "IDP Metadata" tab of the TYPO3 SAML IDP module and click the "Download XML Metadata" button.
miniorange img   In Tableau Step 4:
  • Now, click the "Select File" button and upload the "Download XML Metadata" file from the above step 3.
    • Tableau Single Sign-On - step 4 - upload the downloaded metadata file of saml idp metadata file, click on select and upload it.
miniorange img   In Tableau Step 5:

    Note: In some cases, you may need to change the assertion values in the Tableau Server configuration to match the assertion names that are passed by your IDP.

  • Enter the assertion values that you want to map during SSO.
    • Username username
    Display name displayName
    Email email
    Configure SAML SSO in Tableau Server (SP) with TYPO3 - Tableau Single Sign on
miniorange img   In Tableau Step 6:
  • You can check or uncheck the checkbox if you wish to enable or disable the SAML Single Logout.
    • Configure SAML SSO in Tableau Server (SP) with TYPO3 - Tableau Single Sign on
  • Click on Save Pending Changes and then click on Pending Changes at the top of the page.
    • Configure SAML SSO in Tableau Server (SP) with TYPO3 - Tableau Single Sign on
  • Click Apply Changes and Restart to restart your Tableau server.

2. Configure TYPO3 as Identity Provider

  • In the miniOrage SAML Identity Provider extension, go to Service Provider settings tab of the extension.
  • Provide the required settings (i.e. Service provider name, SP Entity ID/Issuer, ACS URL, Relaystate) find to your Service Provider Tableau Server and click on Save button to save your configuration.
    • Tableau Single Sign-On - download xml metadata file and upload it service provider setup tab of TYPO3

3. SSO Testing

  • Open a new browser or private incognito window and enter your Tableau Server URL, which will redirect you to the TYPO3 login screen.
  • Enter your TYPO3 credentials and click the log in button.
  • If you are redirected to your Tableau Server start page and successfully logged in, your configuration is correct.

Additional Resources


If you are looking for anything which you cannot find, please drop us an email on info@xecurify.com

Hello there!

Need Help? We are right here!
support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com