dsmrt
commented
3 years ago Quick note on multisite: There are some thing you have to do if you are using a multisite setup. Basically, make sure to each sites is configured on it’s own. See https://github.com/flipboxfactory/saml-sp/issues/89 for more info on this.
Also, I’m little unsure of what the issue is so correct me if i’m wrong. The user will bookmark the portal home page, then, when they come back they aren’t being sent through the sso process, they are given access to the page and not authenticated or identified?
If this is the case, Craft has a {% requireLogin %} tag you can use to make sure only authenticated uses can view the page. This all works with the plugin if you have the loginPath config setup correctly. See https://saml-sp.flipboxfactory.com/configure/login.html#simple-config
Does this help?
http://portal.vincotte.be/ is linked to the idp login, however, if users bookmark the site being displayed http://portal.vincotte.be/portal or http://portal.vincotte.be/fr/portal or http://portal.vincotte.be/nl/portal they bypass the login, and profile context is not available. Am I overlooking something? or is this a bug?