* urban <
mi...@engineered-solutions.us> [2021-11-12 16:03]:
> I have two Drupal9 sites and a PHPBB3 forum on the same shared
> hosting installation on a Lightspeed server running on a CentOS
> server.
It seems you have some upgrading and possibly migrating to do, then:
https://www.phpbb.com/community/viewtopic.php?f=14&t=2302466
Seems PHPBB3 was EOL'ed 6 years ago.
(Adding security software to that seems akin to what Americans may
call "putting lipstick on a pig".)
> I'm interested in constructing a single sign-on feature for repeat visitors
> wishing to participate in all three sites. I would like registered
> visitors to have a single sign-on / logout provisions.
Sure.
(Logout with SSO protocols is fraught with issues in general, though.)
> I'm seeing indications Drupal may act as a SAML2 provider if
> SimpleSAMLphp is installed.
Yes, but it seems unmaintained as per the comment on
https://www.drupal.org/project/saml_idp
so probably not a good basis for a new deployment.
You might get a way with running SimpleSAMLphp alone (without the
integration code offered by the project referenced above) and
hand-configure SSP to use your existing Drupal database for
authentification and user data/profile lookup.
> It appears there is SAML2 support for PHPBB as well.
Leaving aside the abandoned nature of PHPBB3 itself there's some
discussion here
https://www.phpbb.com/community/viewtopic.php?t=2377386 with the code
at
https://github.com/noud/phpbb-saml2 being the last word as per July
2018.
Again this is integration code that allows PHPBB to use SimpleSAMLphp
for the actual protocol support. I.e., you'd have SSP as the IDP
(using Drupal's DB) and SSP as SP. All on the same server.
The only way this makes any sense is if you must use completely
different DNS domains for all services.
If OTOH those services (the drupal sites and the PHPBB forum) share
(or can be changed to share) a common DNS domain I probably wouldn't
use a SSO protocol to make them accessible, but something much easier,
based on a shared cookie.
HTH,
-peter