Joomla SAML SP Single Sign-On plugin gives the ability to enable SAML Single Sign-On for your Joomla sites. Our plugin is compatible with all the SAML compliant Identity providers. Here we will go through a step-by-step guide to configure SSO between Joomla site and SimpleSAMLphp by considering SimpleSAMLphp as IdP.
Follow the steps below to configure SimpleSAML as IdP
Configure SimpleSAML as IdP
<?php
$config = [
'example-userpass' => [
'exampleauth:UserPass',
'student:studentpass' => [
'uid' => ['student'],
'eduPersonAffiliation' => ['member', 'student'],
],
'employee:employeepass' => [
'uid' => ['employee'],
'eduPersonAffiliation' => ['member', 'employee'],
],
],
];
[
'uid' => ['student'],
'eduPersonAffiliation' => ['member', 'student'],
],
openssl req -newkey rsa:3072 -new -x509 -days 3652 -nodes -out example.org.crt -keyout example.org.pem
The certificate above will be valid for 10 years.
example.org.crt //(Public Key)
example.org.pem //(Private Key)
<?php
$metadata['__DYNAMIC:1__'] = [
/*
* The hostname for this IdP. This makes it possible to run multiple
* IdPs from the same configuration. '__DEFAULT__' means that this one
* should be used by default.
*/
'host' => '__DEFAULT__',
/*
* The private key and certificate to use when signing responses.
* These are stored in the cert-directory.
*/
'privatekey' => 'example.org.pem',
'certificate' => 'example.org.crt',
/*
* The authentication source which should be used to authenticate the
* user. This must match one of the entries in config/authsources.php.
*/
'auth' => '' Example:- 'example-userpass', // You can find this in Step Number 3
];
<?php
$metadata['https://example.com/plugins/authentication/miniorangesaml/'] = [
'AssertionConsumerService' => 'https://example.com/?morequest=acs',
'SingleLogoutService' => 'https://example.com/index.php?option=com_users&task=logout',
'NameIDFormat' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
'simplesaml.nameidattribute' => 'mail',
'simplesaml.attributes' => true,
'attributes' => array('mail', 'givenname', 'sn', 'memberOf'),
];
Manual Configuration :
Single Sign-On Service URL | Identity Provider Sign-in URL from Identity Provider Info in your Centrify SAML APP. |
IdP Entity ID or Issuer | Issuer from Identity Provider Info in your Centrify SAML App |
X.509 Certificate: | Open the .cer certificate file in notepad and copy/paste the entire content of the file. |
Add a button on your site login page with the following URL:
sso id, onelogin, single sign on, saml, adfs, Service provider, Joomla extensions, single sign-on sso, Web sso, miniorange, Joomla plugins, signle sign on solutions, Salesforce, saml php, saml authentication, SAML Service provider, saml 2.0 specification, google idp, assertion consumer service, Joomla saml acs url, saml issuer, saml claims, Joomla salesforce as Identity Provider, single sign on solution open source, saml 2.0 identity provider, saml idp vs sp, SAMl 2.0, SAML SP metadata, saml client, saml library, saml documentation, saml attribute mapping, Joomla SSO, best single sign on solution, saml relying party, joomla authentication plugin.
Business Trial For Free
If you don't find what you are looking for, please contact us at joomlasupport@xecurify.com or call us at +1 978 658 9387.