—- plugin —-
Description: This plugin provides Single Sign-on,
phpList via the `SIMPLESAMLPHP`.
author : Fon E. Noel Nfebe <github.com/fenn-cs>
compatible : phpList 3.6.8 and above, PHP 7.4 and above
tags : authentication
Source Repository : https://github.com/phpList/phplist-plugin-simplesaml
To easiest way to setup this plugin is through the plugins page (menu Config > Manage plugins) using the package URL https://github.com/phpList/phplist-plugin-simplesaml/archive/refs/heads/main.zip
The plugin may be enabled at this point or after the
SimpleSAMLPHP config described below.
This plugin requires an installation of `SIMPLESAMLPHP` to work. So the puglin comes with a ready to use build of
SIMPLESAMLPHP. However, it is required that the server on which the
phpList instance is running is configured to point to the
simplesamlphp folder that comes in the plugin.
your-phplist-domain.ext/simplesamlphp should point to the folder in
main/simplesaml/simplesamlphp of the extension or a copy of it on your server.
Advanced User: See simplesaml config section in the read me for more detailed information
By default, this plugin is configured to work with the
Keyclaok server. If you wish to change the identity provider, more configuration would be required. As described below.
main/simplesaml/simplesamlphp/config/authsources.php the following parameters have to be set:
main/simplesaml/simplesamlphp/config/config.phpthe following parameters have to be set:
baseurlpathrefers to the base url the running
SimpleSAMLconfiguration. Depending on where simplesaml was installed, it could be a separate domain such as
phplist.com/simplesamlphp/wwwor a path like
NB: The baseurlpath (which is essentially the simplesamlphp installation URI) is where the IdP returns the SAML response after a successful login. The SAML request would then be parsed and simplesamlphp would redirect back to the phplist url that sent the request or the one set via the
RelayState property in the config array of
authsources.php within the config dir.
For more information about the custom configuration see Readme config section)
See the README file on the GitHub page https://github.com/phpList/phplist-plugin-simplesaml
It is recommended to only enable the plugin only after the
SIMPLESAMLPHP configs are set in the various configuration files described above and or in the README.
You should verify that
yourdomain.com/simplesamlphp for example
phplist.com/simplesamlphp loads the
simplesamlphp files correctly and that
phplist.com/simplesamlphp/www loads the
simplesamlphp UI like the one shown below.
After cloning the plugin in your plugin directory, you should login normally using your admin credentials and activate the plugin from the plugin management tab.
Once the plugin is activated, if you logout the plugin should automatically redirect you the the Identity provider.
Report any issues or questions in the support forum https://discuss.phplist.org/