Federated identity and SAML?

  • cjmusante

    (@cjmusante)


    10 years, 7 months ago

    Hi there,
    This plug-in sounds very close to what I’m looking for. I have a need to authenticate to a directory service, but I’ve been told by my technical staff that the directory expect SAML protocol, not simply an LDAP authentication.

    I’m not an expert in the nuances between these two approaches, but it looks like they are very similar. Please let me know if this plug-in is compatible or not, and if not, what level of change might be required in order to get it working. I am willing to fund development work if changes are needed.

    thanks,

    http://wordpress.org/plugins/simple-ldap-login/

Viewing 4 replies - 1 through 4 (of 4 total)
  • Tatichka

    (@tatichka)

    10 years, 6 months ago

    Hello cjmusante,

    I myself implemented Simplesamlphp and WordPress.
    The LDAP integration and the FEDID are very different things. Since this plugin makes requests directly to your LDAP, you need your server to be able to communicate with the LDAP server.
    The FEDID adds another layer, with the Service PRovider and Identity Provider, that enables you to (not directly) communicate with the LDAP.

    What you need in your case is :

    That’s pretty much it. Oh, and on the Service Prodiver side, they might need to open a connection between your application (URL, metadata, certificate..) and the FED application.

    Hope all is clear for you

    Thread Starter cjmusante

    (@cjmusante)

    10 years, 6 months ago

    Hello Tatichka,
    thanks for your response, it was very helpful.

    Since I posted my inquiry, I’ve learned a lot more about what will be required in support of Federated Identity SSO, and I’ve also found a plug-in called http://wordpress.org/plugins/saml-20-single-sign-on/changelog/ which seems to address my requirements pretty well.

    Do you have any experience with this other plug-in, and/or can you comment on how well the simplesamlphp plug-in works, with respect to managing the addition of new users, into specific roles.

    [Moderator Note: Please ensure that you are embedding links correctly in your posts.]

    Tatichka

    (@tatichka)

    10 years, 6 months ago

    Hello,

    The simplesamlphp authentication automatically add a user to your blog but with the lowest profile (subscriber if I am not mistaken). So all you hve to do is change the user’s role once he logged in the first time.

    I pimped this plugin to make it work with WP Multisite, so if you too are working with multisite, I could send you my version. If you are using multisite, you can use this plugin http://wordpress.org/plugins/wpmuldap/ to manage the addition of users. Unfortunately it is not compatible with the mono version.

    As for the SAML2.0 SSO, I haven’t tried for myself, but from what I read, it could be the one you’re looking for.

    Good luck with implementing simplesaml on your blog !

    Thread Starter cjmusante

    (@cjmusante)

    10 years, 6 months ago

    Thanks again for the constructive feedback.
    I’m currently using single-site, not multi-site, so it looks like I’ll need to modify the proposed plug-in in order to satisfy some of my more complex requirements.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Federated identity and SAML?’ is closed to new replies.

Tags