SimpleSAMLphp is a basic implementation of the SAML authentication protocol. When implementing single sign-on with SimpleSAMLphp, your users will request a service from the service provider (SP), which requests authentication information from your identity provider (IdP). Based on the information the IdP returns, the SP makes an access control decision.
Although SimpleSAMLphp supports several authentication identity provider (IdP) systems, Acquia supports only the SimpleSAMLphp service provider implementation.
If you’re an existing Acquia subscriber and you want help implementing SimpleSAMLphp, contact your Account Manager or the Acquia Sales Team for information about a Professional Services engagement.
Acquia Support provides limited help with checking the basic SimpleSAMLphp application setup against the following instructions. This includes the proper placement of SimpleSAMLphp files in your application and the required Drupal modules. Acquia Support may recommend a Professional Services engagement to address issues with the setup or external connections.
Installing and configuring SimpleSAMLphp includes the following steps:
Note for Site Factory subscribers
Site Factory subscribers must work with Acquia to connect an external IdP to the Site Factory Management Console.
One feature generally expected from a single sign-on solution is that a visitor who has already authenticated on a different website is then systematically authenticated when visiting the Drupal website. Single sign-on is a user-friendly feature that ensures a seamless transition between websites. However, the solution can come at the cost of decreased caching by the Varnish® layer.
The following issues in the simplesamlphp_auth module’s issue queue may cause problems due to session cookies invalidating Varnish caching. Acquia recommends determining the status of the following module issues before proceeding: