SAML Single Sign-On (SSO) into Drupal using Gluu Server as IdP
Drupal SAML Gluu Server SSO (Single Sign-On) setup will allow your user to login to your Drupal site using their Gluu Server Credentials. Drupal SAML module gives the ability to enable SAML Single Sign-on for Drupal. This module is compatible with all SAML Identity Providers (IdP). We provide Drupal SAML Single Sign on - Service Provider module which is compatible with Drupal 7, Drupal 8, Drupal 9 and Drupal 10. Here we will go through a guide to configure SAML SSO between Drupal and Gluu Server Idp. By the end of this guide, users from your Identity Provider should be able to login into the
Drupal site.
If you have any queries or if you need any sort of assistance in configuring the module, you can contact us at drupalsupport@xecurify.com. If you want, we can also schedule
an online meeting to help you configure the Drupal SAML Single Sign on - Service Provider SSO Login module.
Installation Steps
- Download the module:
Composer require 'drupal/miniorange_saml'
- Navigate to Extend menu on your Drupal admin console and search for miniOrange SAML Service Provider using the search box.
- Enable the module by checking the checkbox and click on install button.
- Configure the module at
{BaseURL}/admin/config/people/miniorange_saml/idp_setup
- Install the module:
drush en drupal/miniorange_saml
- Clear the cache:
drush cr
- Configure the module at
{BaseURL}/admin/config/people/miniorange_saml/idp_setup
- Navigate to Extend menu on your Drupal admin console and click on Install new module button.
- Install the Drupal SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider module either by downloading the zip or from the URL of the package (tar/zip).
- Click on Enable newly added modules.
- Enable this module by checking the checkbox and click on install button.
- Configure the module at
{BaseURL}/admin/config/people/miniorange_saml/idp_setup
Steps to configure Drupal SAML Single Sign-On ( SSO ) Login into Gluu Server
2. Configuring Gluu Server as SAML Identity Provider
Follow the steps below to configure Gluu Server as IdP
Configure Gluu Server as IdP
- In the miniOrange SAML SP SSO module, navigate to Service Provider Metadata tab. Here, you can find the SP metadata such as SP Entity ID and ACS (AssertionConsumerService) URL which are required to configure the Identity Provider.
- Login to Gluu server admin console.
- From the navigation panel, click on SAMLAdd Trust Relationships.
- Display Name: Drupal SAML App (Enter any name for identifying the application)
- Description: Provide a suitable description for you application
- Entity Type: Single SP
- Metadata Location: File
- From the Service Provider Metadata tab in the module, download the Metadata XML File.
- Upload the Metadata file in SP Metadata File.
- Now tick the Configure Relying Party checkbox and click on Configure Relying Party link.
- You will be shown the Relying Party Configurations page.
- From Available Profile Configurations, select SAML 2.0 SSO and click on Add to add SAML2SSO to Selected Profile Configurations.
- In SAML 2.0 SSO Profile, configure the following:
signAssertions Never signRequests Conditional encryptAssertions Conditional defaultAuthenticationMethods None Support Unspecified NameId Format Tick the checkbox - From Available NamedId Formats, select urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress and urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified and add it to the Selected NamedId Formats.
- Click on Save button.
- From the Release Additional Attributes section on the right, add the attributes you want to send to the Service Provider.
- Click on Update button.
- Gluu's SAML IDP metadata can be found at https://HOSTNAME/idp/shibboleth. This will be required to configure the module in Service Provider.
2. Configuring Drupal as SAML Service Provider
-
In miniOrange SAML module, go to Service Provider Setup tab of the module. There are two ways to configure the module:
- Click on Upload IDP metadata button.
- Enter the Identity Provider Name
- You can either upload a metadata file and click on Upload button or use a metadata URL and click on Fetch Metadata.
- Provide the required settings (i.e. Identity Provider Name, IdP Entity ID or Issuer, SAML Login URL, X.509 Certificate) as provided by your Identity Provider and click on the Save button.
A. By uploading IDP metadata:
B. Manual Configuration:
24*7 Active Support
If you face any issues or if you have any questions, please feel free to reach out to us at drupalsupport@xecurify.com. In case you want some additional features to be included in the module, please get in touch with us, and we can get that custom-made for you. Also, If you want, we can also schedule an online meeting to help you configure the Drupal SAML SP modules.
Additional Resources
Our Other Modules
Note: In order to support SAML SSO, the Gluu Server must include the Shibboleth SAML IDP.
Configure the following in Trust Relationship Form:
Need Help? We are right here!
