This guide configures SAML Single Sign-On (SSO) between Drupal and SimpleSAML so that your users can log in to your Drupal site with their SimpleSAML credentials. The Drupal SAML module enables SAML Single Sign-On for Drupal and is compatible with all SAML Identity Providers. By the end of this guide, users from SimpleSAML should be able to log in to the Drupal site.
Follow the steps below to configure SimpleSAML as IdP:
Configure SimpleSAML as IdP
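<?php
// config/authsources.php
$config = [
    // Test-only source: exampleauth:UserPass keeps the usernames and
    // passwords below in plain text in this file.
    'example-userpass' => [
        'exampleauth:UserPass',
        // Each key is 'username:password'; the array holds that user's attributes.
        'student:studentpass' => [
            'uid' => ['student'],
            'eduPersonAffiliation' => ['member', 'student'],
        ],
        'employee:employeepass' => [
            'uid' => ['employee'],
            'eduPersonAffiliation' => ['member', 'employee'],
        ],
    ],
];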
[
'uid' => ['student'],
'eduPersonAffiliation' => ['member', 'student'],
],
openssl req -newkey rsa:3072 -new -x509 -days 3652 -nodes -out example.org.crt -keyout example.org.pem
The certificate above will be valid for 10 years.
example.org.crt //(Public Key)
example.org.pem //(Private Key)
<?php
$metadata['__DYNAMIC:1__'] = [
    /*
     * The hostname for this IdP. This makes it possible to run multiple
     * IdPs from the same configuration. '__DEFAULT__' means that this one
     * should be used by default.
     */
    'host' => '__DEFAULT__',
    /*
     * The private key and certificate to use when signing responses.
     * These are stored in the cert-directory.
     */
    'privatekey' => 'example.org.pem',
    'certificate' => 'example.org.crt',
    /*
     * The authentication source which should be used to authenticate the
     * user. This must match one of the entries in config/authsources.php.
     */
    'auth' => 'example-userpass', // Example value: the authentication source name from Step Number 3
];
<?php
$metadata['https://example.com/plugins/authentication/miniorangesaml/'] = [
    'AssertionConsumerService' => 'https://example.com/samlassertion',
    'SingleLogoutService' => 'https://example.com/user/logout',
    'NameIDFormat' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
    'simplesaml.nameidattribute' => 'mail',
    'simplesaml.attributes' => true,
    'attributes' => array('mail', 'givenname', 'sn', 'memberOf'),
];
Manual Configuration:
Single Sign-On Service URL | Identity Provider Sign-in URL from Identity Provider Info in your SimpleSAML app
IdP Entity ID or Issuer | Issuer from Identity Provider Info in your SimpleSAML app
X.509 Certificate | Open the .cer certificate file in Notepad and copy/paste the entire content of the file
If you don't find what you are looking for, please contact us at drupalsupport@xecurify.com or call us at +1 978 658 9387.