Drupal ownCloud SSO | Login to ownCloud using Drupal as IdP
Drupal ownCloud SSO Integration will allow you to configure Single Sign On ( SSO ) login between your Drupal site and ownCloud. ownCloud SSO integration with your Drupal site will help your users to login into ownCloud using their Drupal credentials.
This SSO setup will also help you to manage your users in one single place. The Drupal SAML IDP - SAML 2.0 Identity Provider Single Sign-On SSO module is compatible with Drupal 7, Drupal 8 as well as Drupal 9. Here we will go through a step-by-step guide to configure SAML IDP SSO login between ownCloud as SP ( Service Provider ) and Drupal as IDP ( Identity Provider ).If you have any queries or if you need any sort of assistance in configuring the module, you can contact us at drupalsupport@xecurify.com. If you want, we can also schedule an online meeting to help you configure the Drupal SAML IDP 2.0 Single Sign On (SSO) - SAML Identity Provider module.
Installation Steps
- Download the module:
composer require 'drupal/miniorange_saml_idp'
- Navigate to Extend menu on your Drupal admin console and search for miniOrange SAML Identity Provider using the search box.
- Enable the module by checking the checkbox and click on install button.
- Configure the module at
{BaseURL}/admin/config/people/miniorange_saml_idp/idp_setup
- Install the module:
drush en miniorange_saml_idp
- Clear the cache:
drush cr
- Configure the module at
{BaseURL}/admin/config/people/miniorange_saml_idp/idp_setup
- Navigate to Extend menu on your Drupal admin console and click on Install new module button.
- Install the Drupal SAML IDP 2.0 Single Sign On (SSO) - SAML Identity Provider module either by downloading the zip or from the URL of the package (tar/zip).
- Click on Enable newly added modules.
- Enable this module by checking the checkbox and click on install button.
- Configure the module at
{BaseURL}/admin/config/people/miniorange_saml_idp/idp_setup
About ownCloud
ownCloud is an open-source file hosting application that provides services for business and personal use. It is a flexible tool which manages file and data synchronization. It helps users to store files, folders, contacts, photo galleries, calendars and more on a server of your choice. It is a self-hosted file sync and share server that is all under your control. Content can be shared by defining granular read/write permissions between users and groups. To use the application effectively, you can be logged in into ownCloud using SSO. Single sign-on helps employees save time, prevents lost or forgotten passwords, and reduces the risk of password theft.
Challenge
To achieving Single Sign-On between Identity Provider (Drupal) and Service Provider ( ownCloud ) both need to supports SAML. ownCloud supports SAML connection, but it is supported in the ownCloud enterprise version. Single Sign-On users can log in to IdP based sites and gain access to ownCloud services. Identity Provider can manage the identity details of users and give the authorization to use the resources of the service provider.
Solution
The SAML IDP plugin makes SAML connection between Drupal and ownCloud. miniOrange SAML IDP Plugin is an authentication component that serves identity details to the service provider for on-premise, cloud, and mobile. SAML single sign-on (SSO) compliance makes it possible for users to authenticate through an identity provider when they log in to ownCloud applications. SAML SSO module acts as an Identity Provider which can be configured to build the trust between the module and ownCloud Service Provider. SAML exchanges security and identity-related information such as authorization and authentication. The user can easily log in to ownCloud using their Drupal credentials.
How miniOrange SAML plugin can work for ownCloud?
Steps to configure ownCloud SAML Single Sign-on ( SSO ) Login into Drupal site
1. Configure Drupal as Identity Provider
- Go to IDP Metadata tab, Here you can Download XML Metadata file and Metadata URL and Keep it handy to configure your Service Provider (ownCloud Online).
- In the miniOrage SAML Identity Provider module, go to Service Provider Setup tab of the module. There are two way to configure Drupal SAML Identity Provider SSO module:
- Click on UPLOAD SP METADATA link.
- Click on Upload Metadata File and click on Upload to fetch your information.
- You can either Upload Metadata URLand click on Fetch Metadata button.
- Provide the required settings (i.e. Service Provider Name, SP Entity ID or Issuer, ACS URL, SAML Logout URL and X.509 Certificate ) find to your Service Provider ownCloud Online as SP and click on Save Configuration button to save your configuration. Then scroll down and click on Test Configuration button to redirect your Service Provider login page (ownCloud Online).
- Log in to your ownCloud’s Admin Console.
- Go to Security Settings.
- Under Security Settings go to Setup up single sign-on (SSO) settings.
- You will need to provide the following information in ownCloud from the plugin’s IDP METADATA Tab under the Setup SSO with Third party Identity Provider Section:
- What is Single Sign-On (SSO)
- What is SAML?
- What is SSO? How works SAML SSO authentication?
- Frequently Asked Questions (FAQs)
A. By Uploading SP Metadata
B. Manual Configuartion
| Service Provider Name | ownCloud(You can enter any name) |
| SP Entity ID or Issuer | ownCloud Entity ID |
| ACS URL | ownCloud ACS URL |
| Single Logout URL | Single Logout URL of the ownCloud. |
| X.509 Certificate (optional)[For Signed Request] | Paste X.509 Certificate from STEP 1 for Signed Request. |
| NameID Format | Select NameID format for ownCloud |
| Assertion Signed | ownCloud signed Assertion. |
2. Configure ownCloud as Service Provider
There are two ways to setup the ownCloud. You can either import the metadata url of the IdP or provide individual values required by the ownCloud from Drupal Identity Provider (module). You can find both under IDP METADATA tab in the module.
Here is an example of setting up ownCloud as a Service Provider.
| Sign-in page URL | SAML Login URL from the IDP METADATA Tab. |
| Sign-out page URL | SAML Logout URL from the IDP METADATA Tab. |
| Verification Certificate | Upload the certificate from the IDP METADATA Tab |
3. Attribute Mapping
If your Service Provider needs an extra user attributes or custom attributes to be sent in the SAML response then you can configure this under the Attribute/Role Mapping Tab.24*7 Active Support
If you face any issues or if you have any questions, please feel free to reach out to us at drupalsupport@xecurify.com. In case you want some additional features to be included in the module, please get in touch with us, and we can get that custom-made for you. Also, If you want, we can also schedule an online meeting to help you configure the Drupal SAML Identity Provider - SAML IDP SSO Login modules or call us at +1 978 658 9387.
Free Trial
If you would like to test out the module to ensure your business use case is fulfilled, we do provide a 7-day trial. Please drop us an email at drupalsupport@xecurify.com requesting a trial. You can create an account with us using this link.
Additional Resources
Our Other modules
Need Help? We are right here!
