IL
Uploaded byIwantha Lekamge
260 views

Single sign on across drupal 8

The document discusses the implementation of Single Sign-On (SSO) across Drupal 8, emphasizing its benefits such as simplified login processes and centralized user management. It details the setup of SAML 2.0 within the Drupal environment using the SimpleSAMLphp library, along with necessary configurations for service providers and identity providers. Additionally, it provides resources and examples for integrating various identity management services.

Embed presentation

Download to read offline
SSO[ Single Sign On ] Iwantha Lekamge Across Drupal 8
In today’s digitized world, connecting its systems is a must for any organization. Digitally Driven World
Organization HR System Payroll Stock Management Blog WebCustomer Portal
Given the number of systems, websites, and more, having a single authentication mechanism across all systems is highly beneficial. Authentication
What is SSO? Single Sign-On (SSO) is a user authentication service that permits a user to use one set of login credentials (for example, their name and password) to access multiple systems.
SSO Website Website Website
● Same user credentials used for multiple systems to simplify login Benefits ● Single logout system (SLO) ● Automatic login to federated systems
● Centralized system to manage users and roles ● Lower operational costs ● Easy migration and configuration with a new system Why Organizations Need SSO
● SAML 2.0 ● WS-Federation ● WS-Trust ● OAuth 2.0 ● OpenID Connect ● SCIM SSO Standards
Security Assertion Markup Language (SAML) is an XML-based data format for exchanging authentication and authorization data between an identity provider and a service provider. SAML
● Identity Provider (IdP) The SAML authority that provides the identity assertion to authenticate a user ● Service Provider (SP) The SAML consumer that provides the service for users Providers
How SAML Works ldp SP
Steps Involved in SAML Service Provider (Application) User Identity Provider
● SimpleSAMLphp Library ● Drupal 8 instances ● SimpleSAMLphp_auth Drupal module Requirements
● Two Drupal instances ● One instance as SP ● Other instance as IdP Setting up SP and IdP
● Set up a SimpleSAMLphp library inside the docroot of the Drupal ● Create a symlink and update the .htaccess file ● Configure config.php ● Generate certificates (Run this command inside cert folder) openssl req -new -x509 -days 3652 -nodes -out saml.crt -keyout saml.pem Service Provider Configurations
http://localhost:8888/drupal-8-sp/simplesaml
● Set up SimpleSAMLphp library inside the docroot of the Drupal ● Create a symlink and update the .htaccess file ● Update config.php ● Enable exampleauth module ● Configure authsources.php IdP Configurations 'enable.saml20-idp' => true cd modules/exampleauth touch enable
http://localhost:8888/drupal-8-ip/simplesaml
● Generate certificates (Run this command inside cert folder) ● SAML 2.0 IdP needs to be configured by the metadata stored in metadata/saml20-idp-hosted.php Verifying the IdP openssl req -newkey rsa:3072 -new -x509 -days 3652 -nodes -out server.crt -keyout server.pem cd cert
● Copy IDP metadata to the metadata/saml20-idp-remote.php file of the SP ● Copy SP metadata to the metadata/saml20-sp-remote.php file of the IdP ● Configure Service Provider with the IdP name Metadata
Test Configured Authentication Resources
● Download and install the module ● Check ‘Activate authenticate via SimpleSAMLphp’ (Basic settings) ● Change ‘User info and Syncing’ ○ uid as the unique identifier for the user ○ uid as the username for the user ○ email as the email address for the user SimpleSAMLphp_auth Module
Federated Login
● Aerobase ● CAS ● Keycloak ● Shibboleth ● WSO2 Identity Server Open Source SSO
● Download WSO2 Identity Server ● Run ./bin/wso2server.sh on terminal ● Open https://localhost:9443/carbon/ in web browser ● Login to the system ○ Username: admin ○ Password: admin Connect With WSO2 Identity Server
Demonstration
● https://medium.com/@iwantha/single-sign-on-across-drupal-8-e42db6a2e7f ● https://medium.com/@iwantha/wso2-identity-server-sso-with-drupal-8-4bb8ae915c20 ● https://github.com/simplesamlphp/simplesamlphp ● https://www.drupal.org/project/simplesamlphp_auth ● https://wso2.com/identity-and-access-management Resources
Thank YouNov 29, 2019

More Related Content

PDF
Grokking TechTalk #33: High Concurrency Architecture at TIKI
byGrokking VN
 
PDF
Event-Driven Architecture (EDA)
byWSO2
 
KEY
Solid principles
byDeclan Whelan
 
PPTX
Design Like a Pro: How to Pick the Right System Architecture
byInductive Automation
 
PPTX
Solid principles
byToan Nguyen
 
PDF
Amazon virtual private cloud (vpc)
byKi Sung Bae
 
PPTX
Introduction to microservices
byAnil Allewar
 
PDF
Event Driven-Architecture from a Scalability perspective
byJonas Bonér
 
Grokking TechTalk #33: High Concurrency Architecture at TIKI
byGrokking VN
 
Event-Driven Architecture (EDA)
byWSO2
 
Solid principles
byDeclan Whelan
 
Design Like a Pro: How to Pick the Right System Architecture
byInductive Automation
 
Solid principles
byToan Nguyen
 
Amazon virtual private cloud (vpc)
byKi Sung Bae
 
Introduction to microservices
byAnil Allewar
 
Event Driven-Architecture from a Scalability perspective
byJonas Bonér
 

What's hot

PDF
Introduction to Event Driven Architecture
byCitiusTech
 
KEY
SOLID Design Principles
bySamuel Breed
 
PDF
Modern Web Development
byRobert Nyman
 
PDF
Building a Microservices-based ERP System
byMongoDB
 
PDF
Swift Programming Language
byCihad Horuzoğlu
 
PDF
Bizweb Microservices Architecture
byKhôi Nguyễn Minh
 
PDF
Designing microservices platforms with nats
byChanaka Fernando
 
PPTX
Hexagonal architecture with Spring Boot
byMikalai Alimenkou
 
PDF
What is Continuous Integration? | Continuous Integration with Jenkins | DevOp...
byEdureka!
 
PPTX
Qt for beginners part 1 overview and key concepts
byICS
 
PDF
[WSO2 API Manager Community Call] Mastering JWTs with WSO2 API Manager
byWSO2
 
PDF
Drupal 8, presente y futuro
byMediaglobe Innova
 
PDF
SOLID Design Principles applied in Java
byIonut Bilica
 
PPTX
Distributing Transactions using MassTransit
byChris Patterson
 
PDF
Async Messaging in CQRS: Part 1 - Masstransit + DDD Intro
byGeorge Tourkas
 
PPTX
6 Simple Steps to Enterprise Digital Transformation
byInductive Automation
 
PDF
Basics of Model/View Qt programming
byICS
 
PPTX
Top 10 Design & Security Tips to Elevate Your SCADA System
byInductive Automation
 
PDF
Expressjs
byYauheni Nikanovich
 
PPTX
Domain driven design
byAmit Mukherjee
 
Introduction to Event Driven Architecture
byCitiusTech
 
SOLID Design Principles
bySamuel Breed
 
Modern Web Development
byRobert Nyman
 
Building a Microservices-based ERP System
byMongoDB
 
Swift Programming Language
byCihad Horuzoğlu
 
Bizweb Microservices Architecture
byKhôi Nguyễn Minh
 
Designing microservices platforms with nats
byChanaka Fernando
 
Hexagonal architecture with Spring Boot
byMikalai Alimenkou
 
What is Continuous Integration? | Continuous Integration with Jenkins | DevOp...
byEdureka!
 
Qt for beginners part 1 overview and key concepts
byICS
 
[WSO2 API Manager Community Call] Mastering JWTs with WSO2 API Manager
byWSO2
 
Drupal 8, presente y futuro
byMediaglobe Innova
 
SOLID Design Principles applied in Java
byIonut Bilica
 
Distributing Transactions using MassTransit
byChris Patterson
 
Async Messaging in CQRS: Part 1 - Masstransit + DDD Intro
byGeorge Tourkas
 
6 Simple Steps to Enterprise Digital Transformation
byInductive Automation
 
Basics of Model/View Qt programming
byICS
 
Top 10 Design & Security Tips to Elevate Your SCADA System
byInductive Automation
 
Expressjs
byYauheni Nikanovich
 
Domain driven design
byAmit Mukherjee
 

Similar to Single sign on across drupal 8

PDF
Single Sign On Across Drupal 8 - DrupalCon Global 2020
byIwantha Lekamge
 
PDF
Open source wso2 identity server sso with drupal 8
byIwantha Lekamge
 
PDF
Drupal and diversity of Single sign-on systems
byAlex S
 
PPTX
SSO IN/With Drupal and Identitiy Management
byManish Harsh
 
PDF
ISBG The 3 S's a guide to single sign on
byGabriella Davis
 
PPTX
SSO - Presentation
byChristopher Thant
 
PDF
SSO To go
byMarcus Deglos
 
PDF
Open sso fisl9.0
byStartup Cursos
 
PDF
Simplifying The S's: Single Sign-On, SPNEGO and SAML
byGabriella Davis
 
PDF
Open Source Identity Integration with OpenSSO
byelliando dias
 
PDF
Single sign on using SAML
byProgramming Talents
 
PPTX
Single Sign On 101
byMike Schwartz
 
PPTX
Presentation
byLaxman Kumar
 
PPT
Presentation sso design_security
byMarco Morana
 
PPTX
Configuring Single Sign-On (SSO) via Identity Management | MuleSoft Mysore Me...
byMysoreMuleSoftMeetup
 
PPTX
Enterprise single sign on
byArchit Sharma
 
PDF
WSO2 Identity Server - Product Overview
byWSO2
 
PPTX
Extending drupal authentication
byCharles Russell
 
PPTX
Help! I Have An Identity Crisis: A look at various mechanisms of Single Sign On
bySaloni Shah
 
PDF
Cloud Identity Webinar
byWSO2
 
Single Sign On Across Drupal 8 - DrupalCon Global 2020
byIwantha Lekamge
 
Open source wso2 identity server sso with drupal 8
byIwantha Lekamge
 
Drupal and diversity of Single sign-on systems
byAlex S
 
SSO IN/With Drupal and Identitiy Management
byManish Harsh
 
ISBG The 3 S's a guide to single sign on
byGabriella Davis
 
SSO - Presentation
byChristopher Thant
 
SSO To go
byMarcus Deglos
 
Open sso fisl9.0
byStartup Cursos
 
Simplifying The S's: Single Sign-On, SPNEGO and SAML
byGabriella Davis
 
Open Source Identity Integration with OpenSSO
byelliando dias
 
Single sign on using SAML
byProgramming Talents
 
Single Sign On 101
byMike Schwartz
 
Presentation
byLaxman Kumar
 
Presentation sso design_security
byMarco Morana
 
Configuring Single Sign-On (SSO) via Identity Management | MuleSoft Mysore Me...
byMysoreMuleSoftMeetup
 
Enterprise single sign on
byArchit Sharma
 
WSO2 Identity Server - Product Overview
byWSO2
 
Extending drupal authentication
byCharles Russell
 
Help! I Have An Identity Crisis: A look at various mechanisms of Single Sign On
bySaloni Shah
 
Cloud Identity Webinar
byWSO2
 

Recently uploaded

PDF
Our Digital Tribe_ Cultivating Connection and Growth in Our Slack Community 🌿...
bysanjeetmishra30
 
DOCX
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
PPTX
wob-report.pptxwob-report.pptxwob-report.pptx
byssuser0d171c
 
PDF
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
PPTX
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
PDF
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
PPTX
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
PPTX
Cloud-and-AI-Platform-FY26-Partner-Playbook.pptx
byiuiuiuiu1
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
PDF
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
PDF
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
PDF
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
PDF
Day 2 - Network Security ~ 2nd Sight Lab ~ Cloud Security Class ~ 2020
by2nd Sight Lab
 
PPTX
AI's Impact on Cybersecurity - Challenges and Opportunities
byYasir Naveed Riaz
 
PPTX
cybercrime in Information security .pptx
byismaeelsahib032
 
PPTX
DYNAMICALLY.pptx good for the teachers or students to do seminars and for tea...
bympoorvika031
 
PDF
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PPTX
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
PPTX
Protecting Data in an AI Driven World - Cybersecurity in 2026
byYasir Naveed Riaz
 
PDF
Access Control 2025: From Security Silo to Software-Defined Ecosystem
byMemoori
 
Our Digital Tribe_ Cultivating Connection and Growth in Our Slack Community 🌿...
bysanjeetmishra30
 
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
wob-report.pptxwob-report.pptxwob-report.pptx
byssuser0d171c
 
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
Cloud-and-AI-Platform-FY26-Partner-Playbook.pptx
byiuiuiuiu1
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
Day 2 - Network Security ~ 2nd Sight Lab ~ Cloud Security Class ~ 2020
by2nd Sight Lab
 
AI's Impact on Cybersecurity - Challenges and Opportunities
byYasir Naveed Riaz
 
cybercrime in Information security .pptx
byismaeelsahib032
 
DYNAMICALLY.pptx good for the teachers or students to do seminars and for tea...
bympoorvika031
 
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
Protecting Data in an AI Driven World - Cybersecurity in 2026
byYasir Naveed Riaz
 
Access Control 2025: From Security Silo to Software-Defined Ecosystem
byMemoori
 

Single sign on across drupal 8

  • 1.
    SSO[ Single SignOn ] Iwantha Lekamge Across Drupal 8
  • 2.
    In today’s digitizedworld, connecting its systems is a must for any organization. Digitally Driven World
  • 3.
    Organization HR System Payroll StockManagement Blog WebCustomer Portal
  • 4.
    Given the numberof systems, websites, and more, having a single authentication mechanism across all systems is highly beneficial. Authentication
  • 5.
    What is SSO? SingleSign-On (SSO) is a user authentication service that permits a user to use one set of login credentials (for example, their name and password) to access multiple systems.
  • 6.
  • 7.
    ● Same usercredentials used for multiple systems to simplify login Benefits ● Single logout system (SLO) ● Automatic login to federated systems
  • 8.
    ● Centralized systemto manage users and roles ● Lower operational costs ● Easy migration and configuration with a new system Why Organizations Need SSO
  • 9.
    ● SAML 2.0 ●WS-Federation ● WS-Trust ● OAuth 2.0 ● OpenID Connect ● SCIM SSO Standards
  • 10.
    Security Assertion MarkupLanguage (SAML) is an XML-based data format for exchanging authentication and authorization data between an identity provider and a service provider. SAML
  • 11.
    ● Identity Provider(IdP) The SAML authority that provides the identity assertion to authenticate a user ● Service Provider (SP) The SAML consumer that provides the service for users Providers
  • 12.
  • 13.
    Steps Involved inSAML Service Provider (Application) User Identity Provider
  • 14.
    ● SimpleSAMLphp Library ●Drupal 8 instances ● SimpleSAMLphp_auth Drupal module Requirements
  • 15.
    ● Two Drupalinstances ● One instance as SP ● Other instance as IdP Setting up SP and IdP
  • 16.
    ● Set upa SimpleSAMLphp library inside the docroot of the Drupal ● Create a symlink and update the .htaccess file ● Configure config.php ● Generate certificates (Run this command inside cert folder) openssl req -new -x509 -days 3652 -nodes -out saml.crt -keyout saml.pem Service Provider Configurations
  • 17.
  • 18.
    ● Set upSimpleSAMLphp library inside the docroot of the Drupal ● Create a symlink and update the .htaccess file ● Update config.php ● Enable exampleauth module ● Configure authsources.php IdP Configurations 'enable.saml20-idp' => true cd modules/exampleauth touch enable
  • 19.
  • 20.
    ● Generate certificates(Run this command inside cert folder) ● SAML 2.0 IdP needs to be configured by the metadata stored in metadata/saml20-idp-hosted.php Verifying the IdP openssl req -newkey rsa:3072 -new -x509 -days 3652 -nodes -out server.crt -keyout server.pem cd cert
  • 22.
    ● Copy IDPmetadata to the metadata/saml20-idp-remote.php file of the SP ● Copy SP metadata to the metadata/saml20-sp-remote.php file of the IdP ● Configure Service Provider with the IdP name Metadata
  • 23.
  • 24.
    ● Download andinstall the module ● Check ‘Activate authenticate via SimpleSAMLphp’ (Basic settings) ● Change ‘User info and Syncing’ ○ uid as the unique identifier for the user ○ uid as the username for the user ○ email as the email address for the user SimpleSAMLphp_auth Module
  • 25.
  • 26.
    ● Aerobase ● CAS ●Keycloak ● Shibboleth ● WSO2 Identity Server Open Source SSO
  • 27.
    ● Download WSO2Identity Server ● Run ./bin/wso2server.sh on terminal ● Open https://localhost:9443/carbon/ in web browser ● Login to the system ○ Username: admin ○ Password: admin Connect With WSO2 Identity Server
  • 28.
  • 29.
    ● https://medium.com/@iwantha/single-sign-on-across-drupal-8-e42db6a2e7f ● https://medium.com/@iwantha/wso2-identity-server-sso-with-drupal-8-4bb8ae915c20 ●https://github.com/simplesamlphp/simplesamlphp ● https://www.drupal.org/project/simplesamlphp_auth ● https://wso2.com/identity-and-access-management Resources
  • 30.