The SAML SP module allows Drupal to function as a Service Provider. This means that users can authenticate to Drupal (without a username or password) via a SAML IDP (Identity Provider) that has been pre-registered with Drupal.

Configuration

To configure an IDP, you need:

  • The SAML Login URL of the IDP
  • The x.509 certificate of the IDP

Alternative modules

The SimpleSAMLphp authentication module is similar, but has several differences.

  • The simplesaml_php module requires the SimpleSamlPHP framework. The framework is a full-stack framework: you need a vhost, data-storage, docroot, etc. It is not a simple component library.
  • The Saml SP module uses the OneLogin PHP-SAML toolkit, which is a minimal component library.
  • The Saml SP module only functions as a Service Provider. It won't act as an IDP.
  • Saml SP is configured entirely in Drupal (/admin/config/people/saml_sp).
  • Saml SP allows multiple IDPs and an API to work with them
  • Saml SP has a Drupal Login module which lets users automatically login/register using the Saml SP API

Installation

  1. Install the module files on your drupal site
  2. Checkout the OneLogin PHP-SAML toolkit into the 'lib' directory
    cd saml_sp/lib
    git clone https://github.com/onelogin/php-saml.git .
  3. Configure the module at admin/config/people/saml_sp.
  4. Enable the Saml SP Drupal Login module, if you want users to be able to automatically log in via Saml SP authentication.

Project Information

Downloads