You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Yannick Warnier
f5c2b4ec89
|
5 years ago | |
|---|---|---|
| .. | ||
| lang | 5 years ago | |
| layout | 6 years ago | |
| src | 5 years ago | |
| view | 6 years ago | |
| CHANGELOG.md | 5 years ago | |
| README.md | 5 years ago | |
| index.php | 7 years ago | |
| install.php | 5 years ago | |
| login.php | 7 years ago | |
| plugin.php | 8 years ago | |
README.md
The Azure Active Directory Plugin
Allow authentication (with OAuth2) with Microsoft's Azure Active Directory.
This plugin adds two extra fields for users:
organisationemail, the email registered in Azure Active Directory for each user (under Email in the Contact info section).azure_id, to save the internal ID for each user in Azure (which is also the prefix before the @ sign in the User Principal Name).
Prerequisites
This plugin will not work if you do not use HTTPS. Make sure your portal is in HTTPS before you configure this plugin.
To configure Azure Active Directory
- Create and configure an application in your Azure panel (Azure Active Directory -> Applications registration -> New registration))
- In the Authentication section, set an Reply URL with
https://{CHAMILO_URL}/plugin/azure_active_directory/src/callback.php. - In the Front-channel logout URL, use
https://{CHAMILO_URL}/index.php?logout=logout - In Certificates & secrets, create a secret string (or application password). Keep the Value field at hand. If you don't copy it somewhere at this point, it will later be hidden, so take a copy, seriously!
- Make sure you actually have users
To configure this plugin
- Enable: You can enable the plugin once everything is configured correctly. Disabling it will return to the normal Chamilo login procedure.
- Application ID: Enter the Application ID assigned to your app when you created it in your Azure Active Directory interface, under App registrations.
- Application secret: Enter the client secret created in Certificate & secrets above.
- Block name: (Optional) The name to show above the login button.
- Force logout button: (Optional) Add a button to force logout from Azure.
- Management login: (Optional) Disable the chamilo login and enable an alternative login page for users.
You will need copy the/plugin/azure_active_directory/layout/login_form.tplfile to/main/template/overrides/layout/directory. - Name for the management login: A name for the manager login. By default, it is set to "Management Login".
- Automated provisioning: Enable if you want users to be created automatically in Chamilo (as students) when they don't exist yet.
- Assign a region in which the login option will appear. Preferably
login_bottom.
Enable through the normal login form
You can configure the external login procedure to work with the classic Chamilo form login.
To do it, make sure users have azure in their auth_source field, then add this line in configuration.php file
$extAuthSource["azure"]["login"] = $_configuration['root_sys']."main/auth/external_login/login.azure.php";
Dependencies
This plugin uses the
thenetworg/oauth2-azurepackage.