SAML Single Sign-On (SSO) into Moodle using Joomla IDP Plugin
Overview
What is Moodle?
Moodle is an open-source file hosting application provides services for business and personal use. It is a
flexible tool which manages file and data synchronization. It helps users to store files, folders, contacts, photo
galleries, calendars and more on a server of your choice. It is a self-hosted file sync and share server that is all
under your control. Content can be shared by defining granular read/write permissions between users and groups. To
use the application effectively you can be logged in into Moodle using SSO. Single sign-on helps employees save
time, prevents lost or forgotten passwords, and reduces the risk of password theft.
Install Joomla SAML IDP Plugin
- Login into your Joomla site’s Administrator console.
- From left toggle menu, click on System, then under Install section click on Extensions.
- Now click on Or Browse for file button to locate and install the plugin file downloaded earlier.
- Installation of plugin is successful. Now click on Start Using miniOrange SAML IDP Plugin to configure miniOrange Joomla IDP plugin.
- Go to the miniOrange Joomla IDP plugin, navigate to the Identity Provider tab.
- Here, you can find the Identity Provider Metadata XML URL/File or endpoints like IDP Entity ID, SAML Login URL, SAML Logout URL (Premium Feature), and Certificate for SP configuration. Download the XML Metadata by clicking on the button as shown below.
Configuration Steps
In this setup, Joomla serves as the repository for storing users i.e. it will act as the IDP while Moodle is where users will log in using their credentials from Joomla where Joomla SAML IDP SSO Plugin will be installed.
Step 1: Configure Moodle as SP (Service Provider)
- Log in to your Moodle administrator account.
- To configure Joomla as IDP with Moodle, you will need to install the miniOrange SAML 2.0 SSO plugin.
- Then in the miniOrange SAML SSO plugin, go to the Plugins tab. There are two ways to configure the plugin:
A. By uploading IDP metadata:
- Enter the IDP Name.
- In the Service Provider Setup section choose Metadata URL/XML from Select the Method dropdown.
- Copy and paste the IDP metadata URL or XML file in IDP Metadata URL/XML input field.
- Click on the Click here to Test the configuration.
B. Manual Configuration:
- Provide the required settings (i.e. IDP Name, IDP Entity-ID or Issuer, SAML Login URL, X.509 Certificate) as provided by your Identity Provider.
- Click on the Click here to Test the configuration.
Step 2: Configure Joomla as IDP (Identity Provider)
- Now go to Components -> miniOrange Joomla IDP -> Service Provider.
- Navigate to the Service Provider tab and complete the fields for Service Provider Name, SP Entity ID or Issuer, ACS URL, and NameID Format. Refer to this step to get Service Provider details. Fill in the other fields according to your requirements. Click on Save.
Enter the following values:
| Service Provider Name | Choose appropriate name according to your choice |
| SP Entity ID or Issuer | Service Provider Entity ID |
| ACS URL | SP Assertion Consumer Service URL |
| X.509 Certificate (optional) [For Signed Request] | Paste certificate value you copied from the Metadata file |
| NameID Format | Select urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress |
| Assertion Signed | Checked |
- Now click on Advance Mapping tab. Select the NameID Attribute and then click on Save Button.
- You have successfully completed your miniOrange Joomla SAML 2.0 IDP configurations.
Step 3: Attribute Mapping - Premium Feature
- In the miniOrange Joomla IDP plugin, navigate to the Advance Mapping tab.
- Here, you can configure Custom attribute mapping and also add additional User Attributes.
- You have successfully configured Single Sign-On with Moodle as Service Provider and Joomla as Identity Provider. If you require any further support or, if you are facing any difficulty please mail us on joomlasupport@xecurify.com
