![]() With Pantheon offering HTTPS you will also want to make sure to use it if you are going to be passing information around through headers. Please also note that while my code snippet will work well for development against a Pantheon sandbox you will likely want to lock things down a bit more prior to going into production. I'm fairly certain allowedMethods works the same way if you specifically want to list out your methods. I originally had a single string like you do in your example above, and it failed countless times before I caught the subtle difference. Notice the comma separated list of allowedHeaders each in their own set of quotes. It will only work if in the /sites/default directory. I was wrongly under the impression it would work from both places. Regarding the location of the file on Pantheon, please make sure your service.yml file is in /sites/default vs just /sites. nfig:ĪllowedOrigins: [' # Sets the Access-Control-Expose-Headers header. I ran into this fairly recently on Pantheon, and hopefully this helps if you haven't already solved it. Service access working fine using chrome CORS extension. Using pantheon dev environment for web services and localhost custom. I am creating this for test development across two different domains. I googled to find further detailed configuration on this but could not find one. # Sets the Access-Control-Allow-Credentials header. # Sets the Access-Control-Max-Age header. # Sets the Access-Control-Expose-Headers header. # Configure requests allowed from specific origins. # Specify allowed request methods, specify to allow all possible ones.ĪllowedMethods: # Specify allowed headers, like 'x-allowed-header'.ĪllowedHeaders: My current service.yml setup for cors is: nfig: However, I was not able to configure this setup to allow web service access over another domain. Now to use services we just enable and configure file as specified in here simplesamlphp/config-templates to /simplesamlphp/config and edit config.php 6- Ensure SimpleSAMLphp can keep sessions on Pantheon.Īdd the following lines to the top of config.php: if (!ini_get('session.save_handler')) 7- Set up the rest of Pantheon specific settings.Īdd the following last at the bottom of config.Drupal 8 has RESTful web service in-built in core and since 8.2 we don't need cors module. ![]() You can also do this with Drush executing drush ev 'Drupal\saml_idp\Install::postInstall()' 4- Go to your drupal site and enable the saml_idp moduleĪfter this create the subdirectory /private/simplesamlphp/drupalauth and create an empty file with the name ‘default_enable’ in that directory in order to enable the Drupal 8 integration. You’ll probably want to change the ErrorLog and CustomLog files locations as well. ![]() Take in account that you’ll need mod_rewrite to be enabled. ![]() Replace /var/with your desired local domain name. SetEnv SIMPLESAMLPHP_CONFIG_DIR /var/www/myproject_com/simplesamlphp/configĪlias /simplesaml /var/www/myproject_com/simplesamlphp/wwwĬustomLog "/log/apache2/myproject_com-access_log" common 2- Create a symlink on your project rootįrom /simplesaml to /private/simplesamlphp/Your project structure should be as follow: In my case I also installed Drupal on the web subdirectory in order to have a cleaner structure. ![]() Setting up SimpleSAMLphp 1- Place SimpleSAMLphp inside a /private folder The following tutorial assumes that you are on a linux based computer or a Mac. Download the Drupal module saml_idp (you’ll notice that this repo is a fork of this one this is because there were some changes necessary to make it work which are described here.) Download the latest version of SimpleSamlPHP.ģ. You could even connect your IdP with Google Apps. What we were able achieve in the end, is a Drupal 8 site working as the identity provider and a ASP.NET site working as the service provider, that’s the best part about SAML, both sites don’t need to be written on the same language. There are a number of articles detailing how to implement the SAML 2.0 protocol, but if you want to host your site on Pantheon and use Drupal 8 as your identity provider, there are a few details to take in account. Let’s say that you have a collection of sites and instead of having a separate user database on each one, you want to manage logins from one centralized place, this is in essence what single sign-on means. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |