As we continue to further develop RO Single Sign On with great features this release also brings some new exciting options. You can manage even more options from the interface now to configure SimpleSAMLphp. The logging options have been extended and you can add Authentication Filters on the identity provider.
The SimpleSAMLphp library has been updated to version 1.19.5
In this release we have extended the debug options. Not only can you now turn it on or off, you can also set all other logging related options. The level of logging, in other words, how much needs to be logged, where it needs to be logged, how the log should look like. Also the process name can be set when logging to the system log.
The authentication filters are a powerful option to modify a request just before sending it from the identity provider to the service provider. This allows you to do for example:
- Filter out a subset of attributes that are sent to the service provider
- Modify attribute names
- Generate new attributes
- and a lot of other things
What we do in the screenshot below is to specify the format of the emailaddress attribute as this is often needed in ADFS setups.
A small change has been made to the administrator login page. In case you are logged-in via Single Sign On but you do not have access to the administrator part of the website, you would see a login button instead of a logout button. There is now a logout button so you can sign out of Single Sign On.
The front-end module to allow users to login or logout was checking for a Joomla user session to see if the user is logged-in into Single Sign On, this has been changed to use the Single Sign On session to check if the user is logged-in or not.