@mattab opened this Issue on March 8th 2015 Member

The goal of this issue is to create a new Authentication plugin for Piwik that will let users login via the SAML 2.0 framework for SSO auth.

SAML Framework

Here are the requirements for the new Authentication Plugin:

  1. Login process needs to be extended to support both existing internal authentication mechanisms as well as SAML authentication via Client's IDP.
  2. Login Page and related modules should provide a clear link to initiate SAML authentication.
  3. SAML Authentication attempts should be logged and clearly identifiable.
  4. SAML Authentication should provide verbose logging for debugging purposes.
  5. SAML configurations should be defined in a single location accessible only to administrators.
  6. SAML encryption keys must be stored in a secure area and only accessible to administrators and protected from exposure.
  7. SAML Authentication will only allow access if a corresponding user exists and is active in the local authentication database.
  8. Logout terminates active sessions for the application only.

Recommended deliverables:

  1. High-level design document with sequence diagrams on SAML/Launchpad integration
  2. Well written code with test scripts as per specification/requirements
  3. Readme file explains the instructions on deployment.

Note: there is this plugin that does CAS Login in Piwik: https://github.com/fnp/piwik-CASLogin

@huan086 commented on April 12th 2017

Any progress on this? If no, I will be hiring people to develop this

@mattab commented on August 1st 2017 Member

SAML plugin has been re-created from scratch and is now available on the Marketplace!

Learn more here: http://plugins.piwik.org/LoginSaml

and in our SAML User Guides: https://piwik.org/docs/login-saml/
and the Login SAML Faqs: https://piwik.org/faq/login-saml/

If you need help we can provide some support for SAML, learn more here: https://piwik.org/support/login-saml/

@sgiehl commented on September 10th 2017 Member

As mentioned by @mattab, this plugin has been released. Closing this issue now.

This Issue was closed on September 10th 2017
Powered by GitHub Issue Mirror