Add SAML authentication to any ProcessWire website

ProcessWire-SAMLAuth

Add SAML authentication to any ProcessWire website

Installation

Before you even attempt to install this module you must have knowledge of SAML, without this you will have slim chance of getting this to work.

1. To install just unzip into the modules directory

2. use the example settings files in the lib directory to make the advanced_settings.php and settings.php files.

3. Make sure that your IDP is sending the email address of users as the mail attribute.

4. Add the SP to your IDP metadata, see the section below on SP URL's

5. Enable the module and try logging in, instead of the ProcessWire login form you should be redirected to the IDP to authenticate, and with any luck it should redirect back to the admin dashboard upon successful authentication.

Because users are matched up by email address you must have a user already setup in processwire with an email that matches an account on your IDP.

This will not make new accounts for security reasons.

This is bassed on the awesome OneLogin php saml toolkit and should be pretty simple to configure.

SP URL's

This module will act as a SP, and as such you will need to add it to your IDP metadata. This module adds the following URL's which you will need to do this

http://(ProcessWireSite)/saml/acs.php for the Assertion Consumer Service

http://(ProcessWireSite)/saml/metadata.php for the SP's metadata

http://(ProcessWireSite)/saml/sls.php for the Single Logout Service

Below is an example for people who use SimpleSAMLphp (this would go in saml20-sp-remote.php)

  $metadata['http://192.168.0.62/pwtheme/saml/metadata.php'] = array(
    'AssertionConsumerService' => 'http://192.168.0.62/pwtheme/saml/acs.php',
    'SingleLogoutService' => 'http://192.168.0.62/pwtheme/saml/sls.php',
  );

That ProcessWire site is installed in the pwtheme subdirectory on my test server just for context.

Install and use modules at your own risk. Always have a site and database backup before installing new modules.

Twitter updates

  • ProcessWire 3.0.185 (dev) core updates, plus new Session Allow module— More
    17 September 2021
  • Three new ProcessWire Textformatter modules: Find/Replace, Markdown in Markup, and Emoji— More
    3 September 2021
  • This week we have a new master version released after a year in the making. With nearly 40 pull requests, hundreds of new additions and more than 100 issue reports resolved, this new version has a ton of great new stuff— More
    27 August 2021

Latest news

  • ProcessWire Weekly #385
    In the 385th issue of ProcessWire Weekly we'll cover the latest weekly update from Ryan, check out a new fieldtype module called Page Reference Context Data, and more. Read on!
    Weekly.pw / 25 September 2021
  • ProcessWire 3.0.184 new master/main version
    This week we have a new master/main version released after a full year in the making. As you might imagine, this new version has a ton of great new stuff and we’ll try to cover much of it here.
    Blog / 27 August 2021
  • Subscribe to weekly ProcessWire news

“Yesterday I sent the client a short documentation for their ProcessWire-powered website. Today all features already used with no questions. #cmsdoneright—Marc Hinse, Web designer/developer