This allows the user who is already logged into the Drupal site to then navigate to a SAML SP that uses the IdP without the need to authenticate again. The advantage of this approach is that the SimpleSAMLphp IdP session is tied to a Drupal session. Authenticate against Drupal but use the Drupal login page Attribute names in this case would be "$field_name:$property_name". Leave 'attributes' empty or unset to get all available field values. 'attributes' => array(Īrray( 'field_name' => 'uid', 'attribute_name' => 'uid'),Īrray( 'field_name' => 'roles', 'attribute_name' => 'roles', 'field_property' => 'target_id'),Īrray( 'field_name' => 'name', 'attribute_name' => 'cn'),Īrray( 'field_name' => 'mail', 'attribute_name' => 'mail'),Īrray( 'field_name' => 'field_first_name', 'attribute_name' => 'givenName'),Īrray( 'field_name' => 'field_last_name', 'attribute_name' => 'sn'),Īrray( 'field_name' => 'field_organization', 'attribute_name' => 'ou', 'field_property' => 'target_id'), Which attributes should be retrieved from the Drupal site. 'SESSdrupalauth4ssp') if hosted on Pantheon so that the cookie // is is not stripped away by Varnish. Set this to use a cache-busting cookie pattern // (e.g. Whether to turn on debug 'debug' => true, The filesystem path of the Drupal directory. The advantage of this approach is that there is no obvious connection between SimpleSAMLphp IdP and the Drupal site.Ĭonfigure the authentication source by putting following code into simplesamlphp/config/authsources.php Configure the authentication source in simplesamlphp/config/authsources.php as described below.Īuthenticate against Drupal but use the SimpleSAMLphp login page.Configure SimpleSAMLphp to use something other than phpsession for session storage, e.g., SQL or memcache (See: store.type in simplesamlphp/config/config.php).Note on Drupal configurationĭisabling discovery cache will prevent this module from functioning. Branch 1.7 is respectfully for Drupal 7 (not composer integration yet). Master at the moment corresponds to 1.8.*. Branch and version namingįollowing Semantic Versioning is hard when you have multiple upstream dependencies.Įxample: for SimpleSAMLphp version 1.15.4 with Drupal version 8.5.6 and this module version 1 we will have tag 1.8.1. If you want to connect your Drupal site as Service Provider to a SAML or Shibboleth IdP, use the simplesamlphp_auth module for Drupal. Please note that all issues related to Drupal functionality should be reported there. If you want to use Drupal as Identity Provide you should also install drupalauth4ssp that is available on. This is a simpleSAMLphp module, NOT a Drupal module.ĭownload this module only if you want to use Drupal as Identity Provider. This allows the administrator to leverage the user management and integration capabilities of Drupal for managing the identity life cycle and the power of SimpleSAMLphp for identity integration. This module for SimpleSAMLphp provides an Authentication Source for authenticating users against a local Drupal site. If you want to establish your Drupal site as a SAML service provider (SP) connected to a SAML or Shibboleth IdP, see the simplesamlphp_auth module for Drupal. NOTE: This is software establishes a SAML identity provider (IdP) using Drupal as the user database instead of LDAP. This allows the administrator to leverage the user management and integration capabilities of Drupal for managing the identity life cycle. The drupalauth module for simpleSAMLphp makes it easy to create a SAML or Shibboleth identity provider (IdP) by enabling authentication of users against a Drupal site on the same server. Users interact with Drupal to create accounts, manage accounts, and authenticate. Drupal + SimpleSAMLphp + drupalauth = Complete SAML Identity Provider (IdP)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |