SAML Single Sign-On (SSO) for Joomla Using WSO2

Step 1: Setup WSO2 as Identity Provider

  • Login to your WSO2 admin console.
  • Select Add under Service Provider tab.
  • Enter the Service Provider Name.
  • Click on Register.
  • Under Basic Information, check SaaS Application.
  • Under Claim Configuration, select Use Local Claim Dialect.
  • For Requested Claims, add the https://wso2.org/claims/emailaddress claim URI.
  • Set Subject Claim URI to https://wso2.org/claims/nickname.
  • Under Inbound Authentication Configuration > SAML2 Web SSO Configuration, click Configure.
  • Enter Issuer as the SP-EntityID value provided under the Service Provider Info tab, e.g. https://example.com/jira
  • Enter Assertion Consumer URL (ACS) as provided under the Service Provider Info tab, e.g. https://example.com/jira/plugin/servlet/saml/auth
  • Check Enable Response Signing
  • Check Enable Assertion Signing
  • Check Enable Attribute Profile and Include Attributes in the Response Always.
  • Check Enable Audience Restriction.
  • Enter the Audience URL value provided under the Service Provider Info tab and click Add Audience, e.g. https://example.com/jira
  • Check Enable Recipient Validation. Enter the Audience URL value provided under the Service Provider Info tab and click Add Recipient, e.g. https://example.com/plugin/servlet/saml/auth
  • Click on Register to save the configuration.
  • Click on Update on Service Providers to save the configuration.
  • Select List under Identity Providers tab from the menu.
  • Click on Resident Identity Provider link.
  • Enter Home Realm Identifier value that you want (usually your WSO2 server address). Eg. https://wso2.example.com
  • Click on Update.
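
To confirm that the Step 1 settings took effect, the following added example (not part of the original guide or of the plugin) inspects a decoded SAML response captured from a test login of your own and lists the settings it does not reflect. The function name and the sample XML are constructed, using the example URLs and claim URI from the steps above; it checks structure only and does not verify signatures cryptographically.

```python
import xml.etree.ElementTree as ET

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample response; signature bodies are left empty on purpose.
SAMPLE = """<p:Response xmlns:p="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:a="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 <ds:Signature/>
 <a:Assertion>
  <ds:Signature/>
  <a:Subject><a:SubjectConfirmation><a:SubjectConfirmationData
     Recipient="https://example.com/jira/plugin/servlet/saml/auth"/></a:SubjectConfirmation></a:Subject>
  <a:Conditions><a:AudienceRestriction><a:Audience>https://example.com/jira</a:Audience>
  </a:AudienceRestriction></a:Conditions>
  <a:AttributeStatement><a:Attribute Name="https://wso2.org/claims/emailaddress">
   <a:AttributeValue>user@example.com</a:AttributeValue></a:Attribute></a:AttributeStatement>
 </a:Assertion>
</p:Response>"""

def audit_response(xml_text, audience, acs_url, required_attr):
    """List Step 1 settings the response does not reflect (presence checks only)."""
    root = ET.fromstring(xml_text)
    assertion = root.find("a:Assertion", NS)
    if assertion is None:
        return ["no Assertion element (encrypted or malformed response)"]
    findings = []
    if root.find("ds:Signature", NS) is None:       # direct child of Response
        findings.append("Enable Response Signing: Response carries no Signature")
    if assertion.find("ds:Signature", NS) is None:  # direct child of Assertion
        findings.append("Enable Assertion Signing: Assertion carries no Signature")
    audiences = [e.text.strip() for e in assertion.findall(
        "a:Conditions/a:AudienceRestriction/a:Audience", NS) if e.text]
    if audience not in audiences:
        findings.append(f"Audience Restriction: {audience} not in {audiences}")
    recipients = [e.get("Recipient") for e in assertion.findall(
        "a:Subject/a:SubjectConfirmation/a:SubjectConfirmationData", NS)]
    if acs_url not in recipients:
        findings.append(f"Recipient Validation: {acs_url} not in {recipients}")
    names = [e.get("Name") for e in assertion.findall("a:AttributeStatement/a:Attribute", NS)]
    if required_attr not in names:
        findings.append(f"Attribute Profile: {required_attr} not released")
    return findings

if __name__ == "__main__":
    print(audit_response(SAMPLE, "https://example.com/jira",
                         "https://example.com/jira/plugin/servlet/saml/auth",
                         "https://wso2.org/claims/emailaddress") or "all checks passed")
```

An empty result means every checked setting is visible in the response; signature validity itself is still established by the service provider against the IdP's X.509 certificate.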

Step 2: Configure Joomla as Service Provider (SP)

  • In the Joomla SAML plugin, go to the Service Provider Setup tab. There are three ways to configure the plugin:
    • By Metadata URL:

      • Click on Upload IDP Metadata.
      • Enter Metadata URL and click on Fetch Metadata.

    • By Uploading Metadata File:

      • Click on Upload IDP Metadata.
      • Choose metadata file and click on Upload.

    • Manual Configuration:

      • Copy the SAML Entity ID, SAML Single-Sign-On Endpoint URL and X.509 certificate from your Identity Provider and paste them into the IdP Entity ID or Issuer, Single Sign-On Service URL and X.509 Certificate fields, respectively, in the plugin.
      • IdP Entity ID or Issuer: SAML Entity ID from your IdP
        Single Sign-On Service URL: SAML Single-Sign-On Endpoint URL from your IdP
        X.509 Certificate: X.509 certificate from your IdP

  • Add a button on your site login page with the following URL:

If you don't find what you are looking for, please contact us at info@xecurify.com or call us at +1 978 658 9387 to find an answer to your question about Canvas LMS as SP.