School Digital Solution

SimpleSAML Integration between Moodle and WordPress

Below steps detail Moodle as IDP (Identity Provider) and WordPress as consumer of the service (i.e WordPress login through moodle system). I have started installation from the  moodle link however find some steps are highlevel so in this post i have detail these steps so that this will help others.

We need 3 components to work this installation 1)  SimpleSAMLphp local installation 2) Moodle plugin SAML Identity Provider 3) WordPress WP SAML Auth plugin.

Step 1: Download simplesamlphp from https://simplesamlphp.org/download and copy to your server /tmp folder. unzip the file using below command

 sudo tar -xvf simplesamlphp-1.18.8.tar.gz

Copy extracted folder to /var/simplesamlphp 

 we need to enable /var/simplesamlphp/www folder access from web to perform the singlesignon. Make below changes to /etc/apache2/sites-available/default-ssl.conf file add below after the existing document directory.

Alias “/simplesamlphp” “/var/simplesamlphp/www”

add below in /etc/apache2/apache2.conf after “all directory permission granted”

#Allow simple saml allow for login and logout

<Directory /var/simplesamlphp/www/>

AllowOverride None

Require all granted

</Directory>

Restart apache2 : sudo service apache2 restart

lastly modify /var/simplesamlphp/config/config.php following:

‘baseurlpath’ => ‘simplesamlphp/’

check www.example.com/saml is working.. if you can see something below then you are good to proceed with next level modifications.

modify /var/simplesamlphp/config/config.php following

‘baseurlpath’ => ‘simplesamlphp/’,
‘secretsalt’ => ‘Generate Secreat Salt using command given on the file’,
‘auth.adminpassword’ => ‘Change it’,
‘store.type’ => ‘sql’,
‘store.sql.dsn’ => ‘mysql:dbname=dbname;host=localhost’,
‘store.sql.username’ => ‘db user name‘,
‘store.sql.password’ => ‘db password‘,
‘store.sql.prefix’ => ‘prefix‘,

‘technicalcontact_name’ => ‘Domain Admin’,
‘technicalcontact_email’ => ‘Domain Email contact’,
‘timezone’ => ‘update as per your timezone’,

‘enable.saml20-idp’ => true,

cert path change it to where your domain certificate available. Make sure you have server.crt and server.pem file in this directory. If you are using LetsEncrypt then change server.pem to server.key.

Create DB for SimpleSAML keep all the session information.

sudo mysql -u mysqladm -p

create database dbname;

create user ‘db user id‘@’localhost’ IDENTIFIED BY ‘db password‘;
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,CREATE TEMPORARY TABLES,DROP,INDEX,ALTER ON dbname.* TO ‘db user id‘@’localhost’;
FLUSH PRIVILEGES;

modify /var/simplesamlphp/config/authsources.php following

// This authentication source serves as an example of integration with an
// external authentication engine. Take a look at the comment in the beginning
// of modules/exampleauth/lib/Auth/Source/External.php for a description of
// how to adjust it to your own site.
‘moodle-userpass’ => [
‘moodle:External’,
‘moodle_coderoot’ => ‘moodle installation root‘,
‘logout_url’ => ‘https://www.example.com/moodle/auth/samlidp/logout.php’, // plugin’s logout page
‘login_url’ => ‘https://www.example.com/moodle/login/index.php’, // standard Moodle login page
‘cookie_name’ => ‘MoodleSAMLIDPSessionID’,
],

modify /var/simplesamlphp/metadata/saml20-idp-hosted.php following

‘auth’ => ‘moodle-userpass’,

Login to moodle system and Install SAML Identity Provider plugin. provide following as input SimpleSAMLphp installation directory: /var/simplesamlphp
Auth source: moodle-userpass 

Navigate to Site administration->Plugins->Manage authentication->SAML Authentication

and enable the module by clicking eye icon.

Verify Moodle authentication is working by below steps: Go to https://www.example.com/saml and click tab “Authentication” and click “Test authentication sources” and click “moodle-userpass” and you will routed to moodle loginpage. Once you authenticated in moodle and you will redirected to saml page with the attribute that are available for consumer.

see the wordpress consumer integration in my next post.

 

9 thoughts on “SimpleSAML Integration between Moodle and WordPress

  1. Every weekend i used to pay a quick visit this web site, for the reason that i want enjoyment, for the reason that this this web page conations really good funny material too.| Beatrice Nefen Merideth

  2. Hello. This article was extremely fascinating, particularly since I was looking for thoughts on this matter last Wednesday. Deny Isaak Dam

Leave a Reply

Your email address will not be published. Required fields are marked *