Add SAML authentication to any ProcessWire website

ProcessWire-SAMLAuth

Add SAML authentication to any ProcessWire website

Installation

Before you even attempt to install this module you must have knowledge of SAML, without this you will have slim chance of getting this to work.

1. To install just unzip into the modules directory

2. use the example settings files in the lib directory to make the advanced_settings.php and settings.php files.

3. Make sure that your IDP is sending the email address of users as the mail attribute.

4. Add the SP to your IDP metadata, see the section below on SP URL's

5. Enable the module and try logging in, instead of the ProcessWire login form you should be redirected to the IDP to authenticate, and with any luck it should redirect back to the admin dashboard upon successful authentication.

Because users are matched up by email address you must have a user already setup in processwire with an email that matches an account on your IDP.

This will not make new accounts for security reasons.

This is bassed on the awesome OneLogin php saml toolkit and should be pretty simple to configure.

SP URL's

This module will act as a SP, and as such you will need to add it to your IDP metadata. This module adds the following URL's which you will need to do this

http://(ProcessWireSite)/saml/acs.php for the Assertion Consumer Service

http://(ProcessWireSite)/saml/metadata.php for the SP's metadata

http://(ProcessWireSite)/saml/sls.php for the Single Logout Service

Below is an example for people who use SimpleSAMLphp (this would go in saml20-sp-remote.php)

  $metadata['http://192.168.0.62/pwtheme/saml/metadata.php'] = array(
    'AssertionConsumerService' => 'http://192.168.0.62/pwtheme/saml/acs.php',
    'SingleLogoutService' => 'http://192.168.0.62/pwtheme/saml/sls.php',
  );

That ProcessWire site is installed in the pwtheme subdirectory on my test server just for context.

Install and use modules at your own risk. Always have a site and database backup before installing new modules.

Twitter updates

  • ProcessWire 3.0.182 core updates– More
    23 July 2021
  • ProcessWire 3.0.181 has fixes and improvements as usual, but the biggest addition is a nice pull request for multi-language module translations, plus major updates to our Helloworld and ProcessHello demonstration modules. This post covers it all— More
    2 July 2021
  • ProcessWire 3.0.180 core updates– More
    18 June 2021

Latest news

  • ProcessWire Weekly #377
    In the 377th issue of ProcessWire Weekly we'll cover the latest core updates, highlight some recent online resources, and more. Read on!
    Weekly.pw / 31 July 2021
  • ProcessWire 3.0.181 core updates + “Hello World”
    ProcessWire 3.0.181 has fixes and improvements as usual, but the biggest addition is a nice pull request from LostKobrakai, plus major updates to our Helloworld and ProcessHello demonstration modules. This post covers it all.
    Blog / 2 July 2021
  • Subscribe to weekly ProcessWire news

“We chose ProcessWire because of its excellent architecture, modular extensibility and the internal API. The CMS offers the necessary flexibility and performance for such a complex website like superbude.de. ProcessWire offers options that are only available for larger systems, such as Drupal, and allows a much slimmer development process.” —xport communication GmbH