"Oh definitely Mr. Client, Drupal can integrate with your Identity Provider so your users can benefit from Single Sign On!"
There's a module for that right?
If you're like me when I first started my Drupal journey, I thought I could just install/enable a module, set a few configurations and be on my way to blissfully allowing users to SSO into my client's new site.
Wrong! It's not quite that easy, but thanks to a long, bumpy, fly by the seat of your pants adventure of integrating with a 100 pound gorilla's Identity Provider I'm here today to share the sunny side of this type of integration.
This mostly sunny weather forecast will include the following:
- Demystifying the architecture of an SSO integration I.E.: IDP, SP, Metadata, etc.
- Set up your first Service Provider using SimpleSAMLPHP
- Set up your first Identity Provider to mock your customer's metadata using SimpleSAMLPHP
- Install/enable the SimpleSAMLPHP_Auth module
- Properly configure the SimpleSAMLPHP_Auth module
- Map additional metadata to other fields for your users
- Easily debug failing assertions and improperly mapped metadata
My first adventure in this type of integration used Drupal 7 as its platform but today's session will use Drupal 8 as its platform, so we'll also take a quick look at the differences between implementation in v7 and v8.
Join me for this session and answer your client's with confidence regarding their SSO needs!