Search Results :

×

Contents

SAML Single Sign-On (SSO) into Moodle using Joomla IDP Plugin

Single Sign-On in AWS AppStream using Joomla IDP allows users to log in to AWS AppStream using Joomla by configuring AWS AppStream as a Service Provider (SP) and Joomla as a SAML Identity Provider (IDP). This guide will take you through a step-by-step process to configure SSO between the two platforms.

What is AWS AppStream?
Amazon AppStream is an Amazon Web Service (AWS) that enables compute-intensive applications to be the streamed from Amazon servers in the cloud to local computing devices.

download plugin button Download Plugin plugin pricing button plugin pricing button Pricing Plans free trial plugin free trial plugin Free Trial
  • Login into your Joomla site’s Administrator console.
  • From left toggle menu, click on System, then under Install section click on Extensions.
  • Now click on Or Browse for file button to locate and install the plugin file downloaded earlier.
Install Joomla SAML IDP Plugin

  • Installation of plugin is successful. Now click on Start Using miniOrange SAML IDP Plugin to configure miniOrange Joomla IDP plugin.
Get Started with SAML IDP Setup

  • Go to the miniOrange Joomla IDP plugin, navigate to the Identity Provider tab.
  • Here, you can find the Identity Provider Metadata XML URL/File or endpoints like IDP Entity ID, SAML Login URL, SAML Logout URL (Premium Feature), and Certificate for SP configuration. Download the XML Metadata by clicking on the button as shown below.
Joomla SAML IDP Metadata

In this setup, Joomla serves as the repository for storing users i.e. it will act as the IDP while Moodle is where users will log in using their credentials from Joomla where Joomla SAML IDP SSO Plugin will be installed.

  • Login to your Amazon Web Services (AWS) Console as an admin.
  • Click on Services Tab. Under Security, Identity, & Compliances, click on IAM (Identity and Access Management).
AWS AppStream SSO with Joomla IDP
  • From the left-hand side list, click on Identity Providers and then click on Create Provider button in the right section.
AWS AppStream SSO with Joomla IDP
  • In the Configure Provider, select SAML as Provider and Enter any Provider Name (e.g miniOrange).
  • Click on Choose File button and choose a metadata file that you have already downloaded in Step 1, then click on Create Provider button.
AWS AppStream SSO with Joomla IDP
  • The SAML Provider is created and it should be listed in the Provider table.
AWS AppStream SSO with Joomla IDP

    Create/Add Role

  • Now click on Roles from the left-hand side list and then click on Create role button.
AWS AppStream SSO with Joomla IDP
  • In the Create Role section, click on SAML 2.0 federation tab.
  • Under Choose SAML 2.0 Provider, select the SAML Provider that you have created previously i.e Miniorange.
  • After that, choose Allow programmatic access only radio option.
  • Select SAML:aud option from the Attribute drop-down list.
  • Enter the value as https://signin.aws.amazon.com/saml.
  • Then, click on Next button.
AWS AppStream SSO with Joomla IDP
  • Check the Policy Name AmazonEC2ReadOnlyAccess and click on Next button.
AWS AppStream SSO with Joomla IDP
  • Click on your created role name.
  • In the Summary section, copy Role ARN.
AWS AppStream SSO with Joomla IDP
  • Keep the values with you in comma separated format. For example- arn:aws:iam::656620318436:role/SSORole,arn:aws:iam::656620318436:saml-provider/miniorange

    Add attributes for AWS AppStream

  • Enter the value https://aws.amazon.com/SAML/Attributes/RoleSessionName in the Attribute Name field and select E-Mail Address from the Attribute Value dropdown list.
  • Click on the '+' icon besides Additional User Attributes to add another set of attributes and enter the value https://aws.amazon.com/SAML/Attributes/Role in the Attribute Name field and enter the machine name whose value here (arn:aws:iam::656620318436:role/SSORole,arn:aws:iam::656620318436:saml-provider/miniOrange) you want to send to SP.
  • select Custom Attribute Value from the Attribute Value list and in the Custom Attribute Value, enter comma separated value that created in step 3 e.g.[arn:aws:iam::656620318436:role/SSORole,arn:aws:iam::656620318436:saml-provider/miniOrange].
  • Now go to Components -> miniOrange Joomla IDP -> Service Provider.
miniOrange Joomla IDP Service Provider tab

  • Navigate to the Service Provider tab and complete the fields for Service Provider Name, SP Entity ID or Issuer, ACS URL, and NameID Format. Refer to this step to get Service Provider details. Fill in the other fields according to your requirements. Click on Save.

Enter the following values:

Service Provider Name Choose appropriate name according to your choice
SP Entity ID or Issuer Service Provider Entity ID
ACS URL SP Assertion Consumer Service URL
X.509 Certificate (optional) [For Signed Request] Paste certificate value you copied from the Metadata file
NameID Format Select urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
Assertion Signed Checked
Upload SP Metadata

  • Now click on Advance Mapping tab. Select the NameID Attribute and then click on Save Button.
Joomla SAML IDP Advance Mapping

  • You have successfully completed your miniOrange Joomla SAML 2.0 IDP configurations.
  • In the miniOrange Joomla IDP plugin, navigate to the Advance Mapping tab.
  • Here, you can configure Custom attribute mapping and also add additional User Attributes.
Joomla Custom Mapping

  • You have successfully configured Single Sign-On with Moodle as Service Provider and Joomla as Identity Provider. If you require any further support or, if you are facing any difficulty please mail us on joomlasupport@xecurify.com

ADFS_sso ×
Hello there!

Need Help? We are right here!
support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com