Configuring SimpleSAMLphp with Drupal 8
SimpleSAMLphp is an application that can act as a Service Provider (SP) and as an Identity Provider (IdP). It supports many identity providers, such as Okta and G Suite.
Let's configure SimpleSAMLphp with Drupal 8. Follow the steps below.
- Download the 'SimpleSAMLphp Authentication' module for Drupal 8 to integrate the SimpleSAMLphp application with Drupal.
- This module requires the 'SimpleSAMLphp' library, so download the library using Composer. Because the module includes the SimpleSAMLphp library and the externalauth module as dependencies, you can download both with 'composer update'.
- Switch to the simplesamlphp_auth module directory, which is under either modules/contrib or modules in your application directory.
- Run the composer update command as below:
- 'composer update'
- As I have already downloaded the dependencies, it displays 'Nothing to install or update'.
- After downloading both dependencies, install the simplesamlphp_auth module from the 'Extend' menu.
- After installing the simplesamlphp_auth module, go to Configuration->People->SimpleSAMLphp Auth Settings.
- Do not enable SimpleSAMLphp yet by checking the 'Activate authentication via SimpleSAMLphp' field. Complete all of the SimpleSAMLphp configuration before enabling it.
- You can get the list of 'Authentication Sources' by clicking 'Test configured authentication sources' under the Authentication tab in the SimpleSAMLphp instance.
- Enter any one of the valid authentication sources in the field 'Authentication source for this SP'.
- After updating the authentication source, save the configuration and move to the 'User info and syncing' tab.
- Fill in the fields 'SimpleSAMLphp attribute to be used as unique identifier for the user' and 'SimpleSAMLphp attribute to be used as username for the user' with unique attributes from the response of the authentication source.
- You can get the list of attributes available from an authentication source by clicking on that source on the 'Test authentication sources' page.
- If you have an 'Email' attribute, you can enter it under 'SimpleSAMLphp attribute to be used as email address for the user'.
- Enable the field 'Automatically enable SAML authentication for existing users upon successful login'.
- Save the configuration, move to the 'Basic settings' tab, enable the field 'Activate authentication via SimpleSAMLphp', and save the configuration again.
- After enabling SimpleSAMLphp, you can see a link named 'Federated login' on the login page. Clicking the link lets you log in using the SimpleSAMLphp authentication source.
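A pre-flight check for the attribute names entered on the 'User info and syncing' tab, as an added example that is not part of the original post or of the simplesamlphp_auth module. The sample attributes and the mapping are constructed; replace them with the attribute names and values shown for your source on the 'Test authentication sources' page.

```php
<?php
// Added example, not part of the simplesamlphp_auth module.
// Constructed sample in the shape SimpleSAMLphp reports attributes:
// attribute name => list of string values.
$attributes = [
    'uid'  => ['jdoe'],
    'mail' => ['jdoe@example.org', 'john.doe@example.org'],
    'cn'   => ['John Doe'],
];

// Hypothetical mapping: form field => attribute name you plan to enter.
$mapping = [
    'unique identifier' => 'uid',
    'username'          => 'uid',
    'email address'     => 'mail',
];

/** Returns a list of problems; an empty list means every field resolves to one value. */
function check_mapping(array $attributes, array $mapping): array
{
    $problems = [];
    foreach ($mapping as $field => $name) {
        if (!array_key_exists($name, $attributes)) {
            $problems[] = "$field: attribute '$name' is not in the response";
            continue;
        }
        // Keep only non-empty string values.
        $values = array_filter((array) $attributes[$name], function ($v) {
            return is_string($v) && trim($v) !== '';
        });
        if (count($values) === 0) {
            $problems[] = "$field: attribute '$name' has no usable value";
        } elseif (count($values) > 1) {
            $problems[] = "$field: attribute '$name' has " . count($values)
                . ' values; confirm which one should identify the user';
        }
    }
    return $problems;
}

$problems = check_mapping($attributes, $mapping);
foreach ($problems as $problem) {
    echo "WARN $problem\n";
}
echo $problems ? "Fix the mapping before activating SAML login.\n"
               : "Mapping is usable.\n";
exit($problems ? 1 : 0);
```

With the constructed sample, the script warns that 'mail' carries two values and exits with status 1.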
Note:
- The SimpleSAMLphp instance and the Drupal application should be under the same domain. Example:
- Drupal instance: http://localhost/drupal/
- SimpleSAMLphp instance: http://localhost/drupal/simplesaml/