Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Install
Works with Drupal: ^8 || ^9Using Composer to manage Drupal site dependencies
Alternative installation files
Download samlauth-8.x-3.0-alpha2.tar.gztar.gz
41.7 KB
MD5: 9d775a84fe4492021340ce9a91072c24
SHA-1: 30a2574d7ae96c21a5fff728f735c1254a0f5f94
SHA-256: c9c5cb5d6a1baa950babdc3bb787038b734924931d52b03e26682139c29d7ca2
Download samlauth-8.x-3.0-alpha2.zipzip
56.39 KB
MD5: 9d4a50d415076a90eb65639d769b30f9
SHA-1: d525663e769418f0627d13589f36cc8c90206f23
SHA-256: 171a7cbe53d7bd1a12499619b8d29e3c3d143d06ec2c6a6e9c38e69df523deba
Release notes
Significant issues
- Drupal 9 compatibility (#3112135 by angela_G, japerry, glitchinfinity)
- Fix login/logout issues with non-default language on sites with URL prefix negotiation (#2848809 by lpeabody)
- Better support for ADFS IdPs (among others) through more configurable options; reorganized advanced options on the configuration screen
- #3045027 by johnjw59: Allow Signing of Logout Requests
- #3099353 by jeffam: Allow encryption of IDP assertions
- #3086827 by Antonnavi, davidferlay, andypost, roderik: Add UI to set NameId not required
- #3086441 by Antonnavi, nironan, roderik: add option to prevent setting NameIdPolicy in the SAML request. Fix default value for unspecified NameID format.
- #3097401 by nguerrier, andypost: Add option to reuse signature parameters from $_SERVER['REQUEST'] to validate incoming logout requests/responses.
- #3131028 by roderik: set security_lowercase_url_encoding to True for new installs. Also, add detailed configuration info to the README.
Other fixes
- More work on preventing "Leaked Metadata" exceptions (#3050122)
- #3067225 by Oleksiy: Missed samlauth.authentication:idp_entity_id config schema
- #3087233 by piggito, davidferlay: Ignore e-mail synchronization if user_mail_attribute is empty
- #3045553 by Leon Kessler: Prevent error when name field does not exist on user login page
- #3103165 by nguerrier, KondratievaS: Remove default value for user name and email attributes
- #3064958 by moshe weitzman, piggito, roderik: Drupal\Core\Entity\EntityStorageException: Constant ONELOGIN_CUSTOMPATH already defined
- #3053187 by adamfranco: Improve error messages when account doesn't map
- <#3092803 by rakesh.gectcr, roderik: Update composer.json php-saml dependency to one without vulnerable recursive dependencies/li>
- #3129800 by ndrake86: Process relay state in AccessDeniedSubscriber event (fixing IdP initiated login flow)
Other enhancements
- #3131295 by svendecabooter: Allow passing of parameters to SAML login / logout events
- #2816991 by roderik: New debugging options for logging SAML requests/responses
Release plan
This is still another alpha release, despite the functionality being stable, because work has been focused on functionality/fixes rather than tests/API stability.
The release has been prompted by organisations' immediate need for D9 compatibility; Another alpha release may still follow soonish, containing fixes to some still outstanding issues.
Progress reported in #2882568: Plan for SAML Authentication 4.x.