—- plugin —-
Description: This plugin provides Single Sign-on, SSO
for phpList
via the `SIMPLESAMLPHP`.
author : Fon E. Noel Nfebe <github.com/fenn-cs>
type :
compatible : phpList 3.6.8 and above, PHP 7.4 and above
depends :
conflicts :
similar :
tags : authentication
Source Repository : https://github.com/phpList/phplist-plugin-simplesaml
To easiest way to setup this plugin is through the plugins page (menu Config > Manage plugins) using the package URL https://github.com/phpList/phplist-plugin-simplesaml/archive/refs/heads/main.zip
The plugin may be enabled at this point or after the SimpleSAMLPHP
config described below.
This plugin requires an installation of `SIMPLESAMLPHP` to work. So the puglin comes with a ready to use build of SIMPLESAMLPHP
. However, it is required that the server on which the phpList
instance is running is configured to point to the simplesamlphp
folder that comes in the plugin.
Essentially, your-phplist-domain.ext/simplesamlphp
should point to the folder in main/simplesaml/simplesamlphp
of the extension or a copy of it on your server.
Advanced User: See simplesaml config section in the read me for more detailed information
By default, this plugin is configured to work with the phpList
's Keyclaok
server. If you wish to change the identity provider, more configuration would be required. As described below.
In main/simplesaml/simplesamlphp/config/authsources.php
the following parameters have to be set:
main/simplesaml/simplesamlphp/config/config.php
the following parameters have to be set:baseurlpath
: The baseurlpath
refers to the base url the running SimpleSAML
configuration. Depending on where simplesaml was installed, it could be a separate domain such as phplist.com/simplesamlphp/www
or a path like phplist.com/admin/simplesamlphp/www
.
NB: The baseurlpath (which is essentially the simplesamlphp installation URI) is where the IdP returns the SAML response after a successful login. The SAML request would then be parsed and simplesamlphp would redirect back to the phplist url that sent the request or the one set via the RelayState
property in the config array of authsources.php
within the config dir.
For more information about the custom configuration see Readme config section)
See the README file on the GitHub page https://github.com/phpList/phplist-plugin-simplesaml
It is recommended to only enable the plugin only after the SIMPLESAMLPHP
configs are set in the various configuration files described above and or in the README.
You should verify that yourdomain.com/simplesamlphp
for example phplist.com/simplesamlphp
loads the simplesamlphp
files correctly and that phplist.com/simplesamlphp/www
loads the simplesamlphp
UI like the one shown below.
After cloning the plugin in your plugin directory, you should login normally using your admin credentials and activate the plugin from the plugin management tab.
Once the plugin is activated, if you logout the plugin should automatically redirect you the the Identity provider.
Report any issues or questions in the support forum https://discuss.phplist.org/