In this setup, we add a database as an authentication source for logging users into different applications.
Where is this applicable:
Custom applications or CRM/HRM/CMS/LMS platforms that store their own users and do not natively support any Single Sign-On protocol, such as WordPress,
Moodle, Drupal, or any custom application that stores its users.
Step 1: Setup Database as Authentication Source
- Log in to your miniOrange Admin console, navigate to User Stores -> Add User Store, and select the Database tab.
- Enter the Database user-store Identifier. It can be any name relevant to the user store.
- Select the Database type. We currently support:
||Port Number Default
- Enter the database hostname (you can check with your administrator for this) and port number (refer to the defaults above).
- Enter the name of the database (database-name) to connect to, which stores the users.
- Enter the Username and Password of a database user that has permission to access the database mentioned above.
- Enter the Table name, where users are stored for authentication.
- Enter the column name for Usernames (which can be Email-address, Unique IDs) and Password columns respectively.
- Add Attributes lets you send attributes from the database to any configured application. You can write a query to fetch the attributes, which should be in the format below:
For example, to fetch FirstName from the table users with a WHERE clause on the username (the '?' will be replaced by the actual username fetched from the Username column mentioned above):
SELECT 'FirstName' as VALUE, FirstName FROM `users` WHERE username = ?;
- Select the Hashing type used for hashing the password. We support the below Hashing types:
Default settings for WordPress as user store:
- Open wp-config.php in the WordPress root folder to get the database hostname, port number, and database name from the keys below.
| Admin username and Password | DB_USER and DB_PASSWORD |
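- Attribute Query example for First Name (WordPress stores first_name as a meta_key row in wp_usermeta, keyed by user_id):
SELECT 'first_name' as VALUE, meta_value AS first_name FROM `wp_usermeta` WHERE meta_key = 'first_name' AND user_id = (SELECT ID FROM wp_users WHERE user_login = ?);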
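A way to dry-run an attribute query before saving it, as an added example that is not miniOrange's code. It assumes the '?' is bound as a statement parameter, uses an in-memory SQLite database with constructed rows in WordPress's stock wp_users/wp_usermeta layout, and the helper names check_attribute_query and fetch_attributes are hypothetical.

```python
import sqlite3

# Attribute query in the page's format; '?' marks where the login name is bound.
ATTRIBUTE_QUERY = (
    "SELECT 'first_name' AS VALUE, meta_value AS first_name FROM wp_usermeta "
    "WHERE meta_key = 'first_name' "
    "AND user_id = (SELECT ID FROM wp_users WHERE user_login = ?);"
)

def build_sample_db():
    """Constructed stand-in for a WordPress database (stock column names)."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE wp_users (ID INTEGER PRIMARY KEY, user_login TEXT UNIQUE,
                               user_pass TEXT);
        CREATE TABLE wp_usermeta (umeta_id INTEGER PRIMARY KEY, user_id INTEGER,
                                  meta_key TEXT, meta_value TEXT);
        INSERT INTO wp_users VALUES (1, 'alice', '<hash>'), (2, 'bob', '<hash>');
        INSERT INTO wp_usermeta (user_id, meta_key, meta_value) VALUES
            (1, 'first_name', 'Alice'), (1, 'last_name', 'Liddell'),
            (2, 'first_name', 'Bob');
    """)
    return db

def check_attribute_query(query):
    """Return a list of reasons the query cannot be bound safely (empty = ok)."""
    q = query.strip().rstrip(";")
    problems = []
    if not q.upper().startswith("SELECT"):
        problems.append("must be a single SELECT")
    if ";" in q:
        problems.append("contains more than one statement")
    if q.count("?") != 1:
        problems.append("needs exactly one '?' placeholder")
    if "'?'" in q or '"?"' in q:
        problems.append("placeholder is quoted, so it is a literal, not a parameter")
    return problems

def fetch_attributes(db, query, username):
    """Run the query with the username bound as data, never spliced into SQL."""
    problems = check_attribute_query(query)
    if problems:
        raise ValueError("; ".join(problems))
    return db.execute(query.strip().rstrip(";"), (username,)).fetchall()

if __name__ == "__main__":
    db = build_sample_db()
    print(fetch_attributes(db, ATTRIBUTE_QUERY, "alice"))
    print(fetch_attributes(db, ATTRIBUTE_QUERY, "alice' OR '1'='1"))
```

A login name containing quote characters matches no row because it is compared as a value, and a query that quotes its placeholder is rejected before it reaches the database.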
Step 2: Testing Configuration:
After clicking Save, click Select -> Test Connection. Enter the credentials of a user stored in the database to test whether the connection is set up correctly.
Step 3: Configure Your application in miniOrange
- Log in to the miniOrange Admin Console.
- Go to Apps >> Manage Apps. Click on Configure Apps button.
- Then click on Create App under SAML.
- Search for your application. In case you do not find your app, search for Custom SAML App.
- Get the ACS URL and SP Entity ID from your application.
- Enter the following values OR click on Import SP Metadata:
| Service Provider Name | Choose appropriate name according to your choice |
| SP Entity ID or Issuer | Your Application Entity ID |
| ACS URL | Your Application Assertion Consumer Service URL |
| X.509 Certificate (optional) | |
- Click on Save to configure your application.
- To get the IdP metadata of the configured app, go to Apps >> your_app >> Select >> Metadata tab.
- Click on the Show Metadata details in the Information required to Authenticate via External IDPs section. Download the metadata XML file by clicking on Download Metadata button or copy the Metadata URL link.
- Upload this metadata to your application.
Step 4: User Provisioning
- Navigate to Users -> User Provisioning settings.
- Select the Database from the drop-down menu.
- Check the provisioning features.
- To import the users from the database, go to User Provisioning and click on the Import Users button.
- Select the Database from the drop-down menu and save the configuration.
- Now go to Users >> User List, where you will find all the users imported from the database.