You are looking for
The installation of RO Single Sign On is not as simple as most other Joomla extensions as it requires in-depth knowledge of SAML and specific server setup. Due to this we only deliver RO Single Sign On with installation by us or selected partner as this is the only way we can guarantee RO Single Sign On will be setup correctly. Depending on the...
RO Single Sign On has it all in the name, it provides single sign on services for Joomla. Link your Joomla site to any SAML or Shibboleth identity provider to allow users to login with their own account. Build your own identity provider using your Joomla site and provide identity services to other sites.
A few years ago this started out as an idea of what might be cool to do with Joomla, instead of LDAP use SAML to allow users to login to the Joomla website within a corporate environment. The aim was to create a user-friendly interface to do the majority of these tasks to make it simple to maintain.
Instead of using an external party like Google or Facebook to handle your authentication you can use your Joomla site as an Identity Provider. Hook up any client, like any other Joomla site or another application that makes use of SAML to connect to your Joomla website.
Roland Dalmulder RolandD Cyber Produksi was founded in 2006 when I, Roland Dalmulder, started developing CSVI as a modified file for VirtueMart 1.0. After nearly a decade running CSVI by myself, Tharuna Balaji joined me and together we are here to serve you. We impose high quality code standards, strive for perfection and always look for ways...
The old IDEAL implementation communication between your website and the bank makes use of cryptographically signed certificates. This is to prevent outsiders from eavesdropping and taking over the communication for example. Using incorrect certificates can generate an error like failure signing data.
RO Payments can be used in two different ways with RSForm!Pro: StandaloneThis only uses the RO Payment fields Integrated with Payment Pro PackageThis uses the RO Payment button for use in the Payment Pro Package dropdown Creating a form using RO Payments standalone Using RO Payments in standalone mode requires at least the total field to...
Since the introduction of version 3, it has been possible to add multiple payment methods with a single plugin in HikaShop. This document explains step by step on how to add a payment method in HikaShop. You can repeat this process for every payment option you want to offer.
Hello, If you want to see RO Single Sign On in action, you can check the https://identity.joomla.org site. This official Joomla site is powered by RO Single Sign On. There is currently no demo site running with RO Single Sign On. As for Keycloak, I am going to look into that and get back to you as said earlier.
Hello, Until your question I had never heard of Keycloack, so I checked it out. On the Keycloak website I see that they support SAML as protocol and that is what RO Single Sign On uses, so I see no problem using RO Single Sign On with Keycloak. [quote]Would you have any examples?[/quote] I do not have any examples because I had not even heard of Keycloak until now. However I assume you will be using your Joomla site as Service Provider connecting to Keycloak where users will login. That is a pretty straightforward setup. The steps to setup RO Single Sign On is explained in the [url=https://rolandd.com/documentation/ro-single-sign-on/setup-joomla-as-a-service-provider]Setup Joomla! as a Service Provider[/url] document. Let me know if you have any further questions.
Can I configure RO Single Sign On to connect using Keycloak? Would you have any examples?
Can I install RO Single Sign On on multiple sites? I'll take a look at your examples using SAML support
Hello Eddie, The metadata links are specific to your site and how you set it up so I cannot give you the exact link but you can find it in RO Single Sign On. Go to Components -> RO Single Sign On -> Dashboard. On the Tips & Information tab you will find all the Metadata links. The metadata link you will find under [b]The Service Provider metadata URL is:[/b] and then [b]Import[/b] that should be enough to give to them.
Hello, Ok, with that error you cannot setup the SSO connection of course. We need to see what we can do to fix that first. The error you get is because SimpleSAMLphp is trying to sign the request with a private key. Can you please post your general settings from RO Single Sign On?
Hello, How are you planning on using RO Single Sign On? What is the setting you are using? The setup with Keycloak will work as it also uses SAML. I will have a closer look for you to double check.
Hello Andy, RO Single Sign On uses Joomla users as primary source for authenticating users when setup as Identity Provider. New accounts must then also be created on the Identity Provider site as this is then your single point of truth when it comes to user accounts. Let me know if you have any further questions.
Hello, [quote]Currently I login to Keycloak, and I redirect to Joomla taking the data (name, email etc) of the user connected to Keycloak[/quote] You already have this working? If so, do you still need RO Single Sign On then?
Hello Eddie, As I mentioned to Laura earlier, I have no idea if it works with CAS. The extension was build based on using SAML, the underlying library (simpleSAMLphp) does support Shibboleth but I have not looked into that. So I am not sure if this works out of the box or not. A regular setup has explanations on the Home tab when you go to Components -> RO Single Sign On. There is no user documentation other than that because a regular installation requires specific knowledge which generally means I need to install it. Single Sign On is not something that is plug and play I am afraid.
Hi, Roland, I mapped the fields in RO Single Sign-On > Identity Provider Profiles and finished configuring the extension, module, and plugin. When I click the “Login” module on the front-end, I am directed to our university’s single-sign on page, but when I log on, I am then redirected to the wrong URL. The site I am testing this with is [url=https://webdev.sas.rutgers.edu/cms/sandbox39/]https://webdev.sas.rutgers.edu/cms/sandbox39/[/url] which is not accessible outside Rutgers. After logging in, I am being redirected to: [url=https://webdev.sas.rutgers.edu/libraries/simplesamlphp/www/module.php/saml/sp/saml2-acs.php/test-idps] https://webdev.sas.rutgers.edu/libraries/simplesamlphp/www/module.php/saml/sp/saml2-acs.php/test-idps[/url] - this URL is missing the “cms/sandbox39/” portion of the URL. Do you know how this can be fixed? Thanks, Eddie [b]From:[/b] RolandD Cyber Produksi [b]Sent:[/b] Saturday, August 22, 2020 5:19 AM [b]To:[/b] Edward Konczal [b]Subject:[/b] [#63545]: Errors installing RO Single Signon (Reply)
Hello Eddie, This is not a support section but a pre-sales section for asking questions about our products. Support is only given if you have an active membership and I don't see an active RO Single Sign On subscription in your name. Since you don't have an active subscription I wonder how you came by our software. It is open source so no problem there but we cannot support non-members.
Hi, Roland, We have been able to install RO Single Sign On on a Joomla! website connected to a newer database server. Here is what we (Laura Gordon) and I are trying to accomplish: We would like to allow logins to Joomla! using our organization’s central authentication service. It supports both CAS and Shibboleth. Is there documentation on establishing this type of authentication? Regards, Eddie[b][/b] [b] [/b] [b] [/b] [b] [/b] [b]From:[/b] RolandD Cyber Produksi [b]Sent:[/b] Friday, July 31, 2020 4:46 PM [b]To:[/b] Edward Konczal [b]Subject:[/b] [#63545]: Errors installing RO Single Signon (Reply)
Hello, [quote]I would like to also import users from sub folder on Joomla 3 to main domain which is on J4, so they can login also on main site with same password as they have on Joomla 3. Or ask them to login like google i read something about RO SINGLE SIGN ON maybe this will work. [/quote] You don't need RO SSO here. You can just export users from Joomla 3 site to Joomla 4 site using RO CSVI Migration templates. Check [url=https://rolandd.com/documentation/ro-csvi/migrate-joomla-data-using-ro-csvi-migration-templates]Migrate Joomla data using RO CSVI migration templates[/url] document to know to use migration templates.
Hi, I'm testing your method of using double inch signe when using " symbol as delimiter. I also added copyright symbol in the import to both title, short and long description. I can import all but the inch sign is then showing as double-" sign not one " as it should be. Am i missing somethig still? We do not want so show on frontend the inch in format 21"" but is should be 21". So how can we use " as delimiter AND use inch sign " (once) in the title/descriptions and use copyright symbol? Sorry don't get it! - Anne [attachment]testing-double-inch-sign.png[/attachment]
Hi Roland, We have made changes as per your suggestion but getting the error - Could not find the metadata of an IdP with entity ID 'https://dev-524269.okta.com/app/exkh3kpdz9XPMdtgN357/sso/saml/metadata' We checked this link for the error - https://rolandd.com/documentation/ro-single-sign-on/could-not-find-the-metadata-of-an-idp-with-entity-id-metadata-not-found but not able to find the solution. Our hourly rate is €75,- per hour excluding tax if applicable. - How much time it will take to do setup?
Hello, [quote]Essentially I have setup a Joomla site to act as the identity provider, and need 2 other Joomla sites to use that same identity provider to login.[/quote] That should be no problem. [quote]I do need to be able to provide user profile fields between the 2, and user group information in case I need to do different groups in the future.[/quote]There are only a few fields (email, username, name) passed on between the IDP and the SP (service provider). If you need other fields, this would require some custom solution at this point. [quote]but am having difficulties with the other,[/quote]What issue are you having connecting the second SP? You would set this up the same way as the other site you have working. On the IDP you would add the second site to the Service Provider Clients. Make sure the metadata is refreshed on both the IDP and the second site. [quote]and also having difficulties with logout functionality[/quote]There is no single sign off implemented. You would create a menu item of the type RO Single Sign On -> Logout that will act as a logout button on each service provider.
Dear Support Team, I am facing a parsing error while setup an Identity Provider. I have attached a screenshot for your reference. I went through the following document to setup Identity Provider [url=https://rolandd.com/documentation/ro-single-sign-on/setup-joomla-as-an-identity-provider]Document Link[/url] but getting parsing error after executing the command `php metarefresh.php http://dev.indiaesa.info/simplesaml/saml2/idp/metadata.php. Can you please check if I am doing incorrect configurations? I have provided details of the site.[attachment]attached (1).png[/attachment]
Hello, We have a document explaining what to do with the [url=https://rolandd.com/documentation/ro-payments/failure-signing-data]Failure signing data[/url] issue. Check these steps but usually creating a new certificate fixes this. Check that there is no = sign in your password as that can corrupt things as well.
Hi Roland, I used the same URL - Single sign on URL - https://qa-ux.indiaesa.info/sso/module.php/saml/sp/metadata.php/okta?output=xhtml Audience URI (SP Entity ID) - https://qa-ux.indiaesa.info/sso/module.php/saml/sp/metadata.php/okta Setup the php /var/www/qa-ux.indiaesa.info/public/libraries/simplesamlphp/modules/metarefresh/bin/metarefresh.php https://dev-524269.okta.com/app/exkh3kpdz9XPMdtgN357/sso/saml/metadata But when I click on Metadata URL, I am getting an attached screen.