OwnCloud is an open-source file hosting application provide services for business and personal use. It is a flexible tool which manages file and data synchronization. It helps users to store files, folders, contacts, photo galleries, calendars and more on a server of your choice. It is a self-hosted file sync and share server that is all under your control.
Content can be shared by defining granular read/write permissions between users and groups.
To use application effectively you can be logged in into Owncloud using SSO. Single sign-on helps employees save time, prevents lost or forgotten passwords, and reduces the risk of password theft.
To achieving Single Sign On between Identity Provider(Wordpress/Joomla/Drupal) and Service Provider (Owncloud) both need to supports SAML. Owncloud supports SAML connection but it is supported in the Owncloud enterprise version.
Single Sign On user can login into IdP based site and gain access to Owncloud services. Identity Provider can manage identity details of users and give the authorization to use the resources of the service provider.
The SAML IDP plugin makes SAML connection between Wordpress and Owncloud. miniOrange SAML IDP Plugin is an authentication component that serves identity details to the service provider for on-premise, cloud and mobile. SAML single sign-on (SSO) compliance makes it possible for users to authenticate through identity provider when they log in to Owncloud applications. SAML SSO module acts as an Identity Provider which can be configured to build the trust between the module and Owncloud Service Provider.
SAML exchanges security and identity related information such as authorization and authentication. User can easily login to Owncloud using their Wordpress credentials.
How miniOrange SAML plugin can work for Owncloud?
Steps to configure Owncloud as SP:
- Step 1: Go to Identity Provider tab in the plugin and enter
the following values:
|Service Provider Name||Owncloud|
|SP Entity ID or Issuer|| Owncloud Entity ID |
|ACS URL||Owncloud ACS URL |
|Single Logout URL||Single Logout URL of the Owncloud.|
|X.509 Certificate (optional)[For Signed Request]||Paste X.509 Certificate from STEP 1 for Signed Request.|
|NameID Format||Select NameID format for Owncloud |
|Response Signed ||Owncloud signed Response.|
|Assertion Signed||Owncloud signed Assertion.|
|Encrypted Assertion||Owncloud an encrypted Assertion.|
- Click on Save to save your settings.
- Step 2: There are two ways to setup the Owncloud. You can either import the metadata file of the IdP or provide individual values required by the Owncloud from Wordpress Identity Provider (plugin). You can find both under the Service Provider Tab in the plugin.
Here is an example of setting up Owncloud as a Service Provider :
- 1. Log in to your Owncloud’s Admin Console.
- 2. Go to Security Settings.
- 3. Under Security Settings go to Setup up single sign-on (SSO) settings.
- 4. You will need to provide the following information in Owncloud from the plugin’s Service Provider Tab under the Setup SSO with Third party Identity Provider Section:
|a. Sign-in page URL ||SAML Login URL from the Service Provider Tab.|
|b. Sign-out page URL|| SAML Logout URL from the Service Provider Tab.|
|c. Verification Certificate ||Upload the certificate from the Service Provider Tab|
- STEP 3 :If your Service Provider needs extra user attributes or custom attributes to be sent in the SAML
response then you can configure this under the Attribute/Role Mapping Tab.