After you define and configure your IdP, you must test your connection and configure the simpleSAMLphp Authentication Drupal module to complete SimpleSAMLphp setup.
Testing your connection
To test your SimpleSAMLphp connection after defining and configuring your IdP:
- Visit
http://[example.com]/simplesaml/
in a web browser, replacing[example.com]
with the domain name of your website. - In the SimpleSAMLphp interface page that appears, click Authentication.
- Click Test authentication sources.
- Click the source to select it. This value defaults to
default-sp
unless you have configured another value inauthsources.php
.
If SimpleSAMLphp connects and authenticates, it redirects you to a page displaying the list of attributes returned by your IdP. You will need these attributes to configure the simpleSAMLphp Authentication Drupal module.
Configuring the Drupal module
After successfully testing your connection, you must configure the simpleSAMLphp Authentication Drupal module by completing the following steps.
- Add the simpleSAMLphp Authentication module to your codebase, if you haven’t done so already.
- Ensure you have added the
$conf
variable tosettings.php
(for Cloud Platform) or to a Factory settings.php hook (for Site Factory) as described in Installing the SimpleSAMLphp library. - Sign in to your Drupal website as a user with the Administrator role.
- Navigate to
http://[example.com]/admin/modules
, where[example.com]
is your website’s URL, and enable the simpleSAMLphp Authentication module. - Navigate to
http://[example.com]/admin/config/people/simplesamlphp_auth/
, where[example.com]
is your website’s URL, and confirm the$conf
variable has pre-populated the installation directory. - Add the attributes returned from the IdP when testing your connection in the User Info and Syncing fieldset to map to user name, unique identifier, and email address.
- Click Save Configuration.
- In the administrative menu, click Configuration > People > SimpleSAMLphp Auth Settings.
- Scroll to Basic settings, select the checkbox for Activate authentication via SimpleSAMLphp, and then save your changes.
- Navigate to the SimpleSAMLphp login page at
http://[example.com]/saml_login
. SimpleSAMLphp redirects the user to the IdP. Sign in with a username and password.
SimpleSAMLphp authenticates the username and password, and signs the user in to your Drupal website.
If the sign-in is successful, single sign-on is now enabled for your website!
External tools for testing
- The SAML-tracer extension for Firefox is a tool for viewing SAML messages sent through a browser during single sign-on.