Federated Access with SAML


(Bruce Becker) #1

Dear Discourse users,
we chose Discourse as the tool of choice for creating the online discussion forum for a new Horizon2020 project targeting research communities in Africa - Sci-GaIA. Discourse has many selling points, and we chose it over Liferay Discussion boards because of it’s design and gentle adherence to the unified rules of civilised discourse. We had one critierion which was absolutely required and that was federated authentication since we would be bringing in users from research communities who manage their own identity federations.

So, we wanted an SSO that was decentralised, and SAML-based. Reading through the Discourse SSO documentation, it seemed that it was possible, given that this is built into it. However, we had to develop a small package which converted the attributes provided by the federated identity providers and those requested by Discourse. This was written by @fmarco76 and based on Flask.

The code we’re using at http://discourse.sci-gaia.eu is at GitHub - AAROC/DiscourseSSO: SSO Discourse Application to allow SAML authentication. We would appreciate suggestions on how to improve or modify it; and of course it’s available to the community for re-use, with an Apache-2.0 license.

(Bruce Becker) #2

@fmarco76 has announced and described the project here as well. I guess it’s appropriate to comment and discuss there, so I suggest to close this topic and refer everyone who may happen upon it to the initial post.

Thanks !