WordPress-SAML applications

WordPress-SAML applications are used to implement single sign-on for WordPress.

Procedure

  1. Log on to the IDaaS console as an IT administrator. For more information, see Logon in Administrator Guide.
  2. In the left-side navigation pane, choose Applications > Add Applications. Find the SAML application and click Add Application in the Actions column.
  3. Click Add SigningKey. Configure the parameters and click Submit.

  4. Find the new SigningKey in the SigningKey list and click Select in the Actions column. Configure the parameters and click Submit.

    Note Set IDaaS IdentityId to a value as needed and this value must be consistent with that in WordPress. Set SP Entity ID, SP ACS URL, and NameIdFormat to the values obtained from WordPress.

Configure WordPress-SAML

WordPress-SAML runs in a PHP environment and you must set up a PHP environment. The procedure is as follows:

  1. Download WampServer from the official website and decompress it.
  2. Download WordPress from the official website and decompress it to the www directory of WampServe.

  3. Create a WordPress account in MySQL.
  4. On the WordPress welcome page, set the username and password.

  5. Click Install WordPress in the lower-left corner.
  6. Download miniorange-saml-20-single-sign-on.4.8.23 and decompress it to the C:\wamp\www\WordPress\wp-content\plugins directory.

  7. Restart the php environment and choose Restart All Services. Then install and enable miniOrange: Log on to WordPress and click Plug-ins. Click Enable for miniOrange and then refresh the page.

  8. The miniOrange SAML item is displayed on the page.

  9. Record the values of SP-EntityID/Issuer, ACS (Assertion Consumer Service) URL, and NameID format on the Identity Provider tab. Enter them on the Add Application (WordPress) page.

  10. Set IDaaS IdentityId to a value as needed and this value must be consistent with that on the Service Provider tab in WordPress. Download the .cer file from the IDaaS console and copy the file information to the X.509 Certificate field on the Service Provider tab in WordPress.

  11. After the configuration is complete, add an application account for the WordPress-SAML application. This application account is the email address for the account in WordPress. Then you can log on to WordPress from the IDaaS console in a single sign-on manner.

Notes

  1. The URL of the local WordPress application is 127.0.0.1 or localhost. You can modify the URL on Settings page.

  2. If you cannot modify the miniOrange settings, click the link in the red rectangle in the following figure to log on to miniOrange.