Drupal SAML Shibboleth2 SSO setup allows your users to log in to your Drupal site using their Shibboleth2 credentials. The Drupal SAML module enables SAML Single Sign-On for Drupal and is compatible with all SAML Identity Providers. This guide walks through configuring SAML SSO between Drupal and Shibboleth2. By the end of this guide, users from Shibboleth2 should be able to log in to the Drupal site.
<MetadataProvider xsi:type="InlineMetadataProvider" xmlns="urn:mace:shibboleth:2.0:metadata" id="MyInlineMetadata">
  <EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="<ENTITY_ID_FROM_PLUGIN>">
      <md:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
        <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="<ACS_URL_FROM_PLUGIN>" index="1"/>
      </md:SPSSODescriptor>
    </md:EntityDescriptor>
  </EntitiesDescriptor>
</MetadataProvider>
<resolver:AttributeDefinition xsi:type="ad:Simple" id="email" sourceAttributeID="mail">
  <resolver:Dependency ref="ldapConnector" />
  <resolver:AttributeEncoder xsi:type="enc:SAML2StringNameID" nameFormat="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"/>
</resolver:AttributeDefinition>
<afp:AttributeFilterPolicy id="releaseTransientIdToAnyone">
  <afp:PolicyRequirementRule xsi:type="basic:ANY"/>
  <afp:AttributeRule attributeID="email">
    <afp:PermitValueRule xsi:type="basic:ANY"/>
  </afp:AttributeRule>
</afp:AttributeFilterPolicy>
IDP Entity ID | https://<your_domain>/idp/shibboleth |
Single Login URL | https://<your_domain>/idp/profile/SAML2/Redirect/SSO |
X.509 Certificate | The public key certificate of your Shibboleth server |
By Shibboleth2 Metadata URL:
By Uploading Shibboleth2 Metadata File:
Manual Configuration:
Identity Provider Name | For example: Shibboleth2 |
IdP Entity ID or Issuer | SAML Entity ID in the Federation Metadata document |
SAML Login URL | SAML Single-Sign-On Endpoint URL in the Federation Metadata document |
X.509 Certificate | X.509 Certificate in the Federation Metadata document |
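The following is an added example, not part of the original guide or the module's code: it reads Shibboleth IdP metadata and pulls out the three values the manual-configuration table asks for, plus a SHA-256 fingerprint of the signing certificate that can be checked against one supplied by the IdP operator. The function name `idp_settings`, the host `idp.example.org` and the sample metadata (with dummy certificate bytes) are constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"

# Constructed sample metadata; the certificate is dummy bytes, not a real key.
SAMPLE_METADATA = """<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="https://idp.example.org/idp/shibboleth">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>
      Y29uc3RydWN0ZWQtc2FtcGxl
      LWNlcnQ=
    </ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://idp.example.org/idp/profile/SAML2/POST/SSO"/>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://idp.example.org/idp/profile/SAML2/Redirect/SSO"/>
  </IDPSSODescriptor>
</EntityDescriptor>"""


def idp_settings(metadata_xml):
    """Return the manual-configuration values found in IdP metadata."""
    root = ET.fromstring(metadata_xml)
    # iter() also yields the root, so bare and wrapped EntityDescriptors both work.
    entity = next(root.iter("{%s}EntityDescriptor" % NS["md"]), None)
    idp = entity.find("md:IDPSSODescriptor", NS) if entity is not None else None
    if idp is None:
        raise ValueError("no IDPSSODescriptor: this is not IdP metadata")
    login = [s.get("Location") for s in idp.findall("md:SingleSignOnService", NS)
             if s.get("Binding") == REDIRECT]
    # A KeyDescriptor without a 'use' attribute serves signing as well.
    certs = [k.findtext(".//ds:X509Certificate", namespaces=NS) for k in
             idp.findall("md:KeyDescriptor", NS) if k.get("use") in (None, "signing")]
    if not login or not certs or not certs[0]:
        raise ValueError("metadata lacks a Redirect SSO endpoint or signing certificate")
    cert_b64 = "".join(certs[0].split())  # strip line breaks and indentation
    return {"idp_entity_id": entity.get("entityID"),
            "saml_login_url": login[0],
            "x509_certificate": cert_b64,
            # Compare with a fingerprint obtained from the IdP operator out of band.
            "cert_sha256": hashlib.sha256(base64.b64decode(cert_b64)).hexdigest()}


if __name__ == "__main__":
    print(idp_settings(SAMPLE_METADATA))
```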