System Administrator Jahia 8.2

How to use SAML authentication with a private website?

Question

We have a website used for our company's intranet, and access to it is forbidden to guest users. We'd like to set up SAML authentication, but there is no option to log in through SAML on the Jahia login page.

Answer

Follow these steps to make SAML authentication available on a private website, such as an intranet:

  • At the same level as the home page, add a page named saml-login and add the SAML login example button to it
  • Add the file error_401.jsp to the module containing the site template, in the folder MODULE_SRC_HOME/src/main/resources/errors/
    <%@page language="java" contentType="text/html; charset=UTF-8" session="false" %>
    <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
    <html>
       <head>
          <title>SAML redirect login page</title>
       </head>
    
       <body>
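          <%-- Served when a guest requests a protected page: send them to the
               guest-readable saml-login page. A URL starting with "/" is
               resolved against the web application's context path. --%>
          <c:redirect url="/saml-login.html"/>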
       </body>
    </html>
    • This will redirect users to the saml-login page when they are not authenticated.
  • Do not restrict access to the site. Instead, restrict access to the home page and the pages below it. The saml-login page then stays accessible to users who are not yet authenticated, and they are redirected to it.
  • Configure SAML as follows: saml_parameters.png
    • The identity manager (Google in my case) will then know that once authentication has been successful, it must redirect the user to the saml-login.html page
    • The redirect parameter is then used by the SAML module to redirect to the site's home page
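
Once the steps above are in place, the guest view of the site can be checked with a short script. This is an added example, not part of the original answer or of Jahia: it requests pages without any session and reports every page that a guest can read, as well as a saml-login page that guests cannot reach. The protected page names and the stub server are constructed for illustration, and the 302 the stub returns is an assumption about how the error_401.jsp redirect looks on the wire.

```python
import http.client, threading
from contextlib import closing
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlsplit

LOGIN_PAGE = "/saml-login.html"  # page created in the first step

def anonymous_get(base, path):
    """GET with no cookies or credentials; redirects are reported, not followed."""
    u = urlsplit(base)
    cls = http.client.HTTPSConnection if u.scheme == "https" else http.client.HTTPConnection
    with closing(cls(u.netloc, timeout=10)) as conn:
        conn.request("GET", path)
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location") or ""

def audit(base, protected_paths):
    """Return findings; an empty list means guests reach only the login page."""
    findings = []
    status, _ = anonymous_get(base, LOGIN_PAGE)
    if status != 200:
        findings.append(f"{LOGIN_PAGE}: guest gets {status}, SAML login cannot start")
    for path in protected_paths:
        status, location = anonymous_get(base, path)
        to_login = 300 <= status < 400 and urlsplit(location).path.endswith(LOGIN_PAGE)
        if not (to_login or status in (401, 403)):
            findings.append(f"{path}: guest gets {status}, expected login redirect or denial")
    return findings

class StubSite(BaseHTTPRequestHandler):  # constructed stand-in, for offline runs only
    def do_GET(self):
        if self.path in self.open_paths:
            self.send_response(200)
        else:  # assumed effect of error_401.jsp: guest is sent to the login page
            self.send_response(302)
            self.send_header("Location", LOGIN_PAGE)
        self.send_header("Content-Length", "0")
        self.end_headers()
    def log_message(self, *args):  # keep the stub quiet
        pass

def audit_stub(open_paths, protected_paths):
    StubSite.open_paths = set(open_paths)  # pages a guest may read
    server = HTTPServer(("127.0.0.1", 0), StubSite)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return audit(f"http://127.0.0.1:{server.server_port}", protected_paths)
    finally:
        server.shutdown()
        server.server_close()
```

Against a real site, call `audit()` with the site's base URL and the paths of the home page and a sample of the pages below it; any finding means the access restrictions do not match the setup described above.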