forked from otatarintseva/moodle-auth_samlidp
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathREADME.txt
24 lines (20 loc) · 1.59 KB
/
README.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
This is a plugin that makes Moodle an Identity Provider site: other application can use Moodle as a login portal
Requires SimpleSAMLphp, configured as IdP: https://simplesamlphp.org/docs/stable/simplesamlphp-idp
ATTENTION: SimpleSAMLphp's session store (config/config.php, 'store.type') MUST BE "sql". "phpsession" will not work, "memcache" is not tested
ATTENTION: SimpleSAMLphp's baseurlpath (config/config.php, 'baseurlpath') MUST BE in the full URL format
To make the plugin work:
1: use standard Moodle instalation mechanism;
2: enable and configure the plugin via Moodle (Site administration -> Plugins -> Authentication). "Auth source" is the name from step 4, here it's "moodle-userpass"
3: in SimplesamlPHP, add the plugin's ./moodle directory to SimpleSAMLphp' /modules directory. Since these must be on the same physical server, a symlink works perfectly
4: in SimpleSAMLphp config/authsources.php, add following to $config:
'moodle-userpass' => array(
'moodle:External',
'moodle_coderoot' => '/var/www/ticket/moodle314/www',
'logout_url' => 'https://10.0.0.28/moodle314/auth/samlidp/logout.php', // plugin's logout page
'login_url' => 'https://10.0.0.28/moodle314/login/index.php', // standard Moodle login page
'cookie_name' => 'MoodleSAMLIDPSessionID',
),
5: in SimpleSAMLphp, in metadata/saml20-idp-hosted.php, modify 'auth' with the name from step 4:
'auth' => 'moodle-userpass',
KNOWN ISSUES
1. If a user logs out from Moodle, it will not log them out from their SP application. The logout process is one-directional, from the SP app to Moodle