3.0.0
I am now trying to use single sign-on and single logout via ADFS in my Xibo cms.
When SAML authentication is enabled, we cannot login to the super admin account through the original xibo login page.
All new users are created with the same User Group specified in the settings-custom.php file.
Therefore, account provisioning cannot be done once SAML is enabled.
So how can we handle the user access rights with SAML?
Thanks.
You need to disable SAML, and log in with a local account.
Once logged in, rename an existing Super Admin user to have whatever username that same person would get when they log in with SAML.
Now log out, re-enable SAML, and then when you log in as that user they will be a SuperAdmin.
So for example, you’d log in locally and rename the xibo_admin user as dennis@example.org if your SAML configuration matches users by email address, or dennis0126 if it matches on usernames. See the accounts that were automatically created for an example.
Then re-enable SAML and when you log in, you’ll be the old xibo_admin account and you will have Super Admin privileges.
This seems to be a nice solution.
Thanks Alex.
This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.