Middlebury

Difference between revisions of "Deploying a new Drupal 8 site"

(Created page with " == AzureAD Setup == === Initialize the Drupal site === #Navigate to '''/admin/config/people/saml''' in your site administration. #Set the '''Service Provider Configuration...")
 
(Replaced content with " [https://middlebury.atlassian.net/wiki/spaces/WTASDOC/pages/23335971/Deploying+a+new+Drupal+8+site Moved to EWS wiki].")
Tag: Replaced
 
(8 intermediate revisions by the same user not shown)
Line 1: Line 1:
  
== AzureAD Setup ==
+
[https://middlebury.atlassian.net/wiki/spaces/WTASDOC/pages/23335971/Deploying+a+new+Drupal+8+site Moved to EWS wiki].
 
 
=== Initialize the Drupal site ===
 
 
 
#Navigate to '''/admin/config/people/saml''' in your site administration.
 
#Set the '''Service Provider Configuration''' -> '''Entity ID''' to the path of this site's front page without the trailing slash.
 
#Download the metadata from '''/saml/metadata'''. You will need to upload this file to AzureAD.
 
 
 
=== Configure AzureAD ===
 
 
 
#Go to https://portal.azure.com
 
#Click on '''Azure Active Directory''' in the left nav
 
##Click on '''Enterprise Applications''' in the second-most left nav
 
##Click the '''+ New application''' button at the top of the pane
 
##Select '''Non-gallery Application'''
 
##Enter '''Drupal - <site name>''' in the '''Name''' textfield
 
##Click the '''Create''' button 
 
#Click '''Properties''' under '''Manage''' in the second-most left nav
 
##Upload the Drupal logo file
 
##Change '''User assignment required?''' to '''No'''
 
##Change '''Visible to users? '''to '''No'''
 
##Click the '''Save''' button at the top of the pane 
 
#Click '''Owners''' under '''Manage''' in the second-most left nav
 
##Add yourself and any other members of [[Web_Technologies_&_Services]] as owners. 
 
#Click '''Single sign-on''' under '''Manage''' in the second-most left nav
 
##Select '''SAML'''
 
##Click the '''Upload metadata file''' button at the top of the pane and upload the file you downloaded in the Initialize the Drupal site section above.
 
##Click the pencil icon under step 3 '''SAML Signing Certificate''' and delete the '''Notification Email Addressses''', then add itswebapplications@middlebury.edu as a notification email address.  
 
##Click the '''Save''' button at the top of the pane then click the '''X '''button at the top right
 
##Click the '''Download '''link next to '''Federation Metadata XML''' under step 3 '''SAML Signing Certificate''' 
 
 
 
=== Configure the Drupal site ===
 
 
 
#Navigate to '''/admin/config/people/saml''' in your site administration.
 
#Under '''IDENTITY PROVIDER CONFIGURATION'''
 
##Paste the value from the '''<X509Certificate>''' element in the XML file you downloaded from Azure into the '''Primary x509 Certificate''' textarea.
 
##The '''Entity ID''' and other values should be the same for all sites, but can be verified against the content of the XML file. 
 
#Under '''USER INFO AND SYNCING'''
 
##Set '''Unique identifier attribute''' to <span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui, " segoe="" ui",="" roboto,="" "noto="" sans",="" ubuntu,="" "droid="" "helvetica="" neue",="" sans-serif;="" font-size:="" 14px;="" font-style:="" normal;="" font-variant-ligatures:="" font-variant-caps:="" font-weight:="" 400;="" letter-spacing:="" orphans:="" 2;="" text-align:="" left;="" text-indent:="" 0px;="" text-transform:="" none;="" white-space:="" widows:="" word-spacing:="" -webkit-text-stroke-width:="" background-color:="" rgb(255,="" 255,="" 255);="" text-decoration-style:="" initial;="" text-decoration-color:="" display:="" inline="" !important;="" float:="" none;"="">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name</span>
 
##<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui, " segoe="" ui",="" roboto,="" "noto="" sans",="" ubuntu,="" "droid="" "helvetica="" neue",="" sans-serif;="" font-size:="" 14px;="" font-style:="" normal;="" font-variant-ligatures:="" font-variant-caps:="" font-weight:="" 400;="" letter-spacing:="" orphans:="" 2;="" text-align:="" left;="" text-indent:="" 0px;="" text-transform:="" none;="" white-space:="" widows:="" word-spacing:="" -webkit-text-stroke-width:="" background-color:="" rgb(255,="" 255,="" 255);="" text-decoration-style:="" initial;="" text-decoration-color:="" display:="" inline="" !important;="" float:="" none;"="">Set '''Attempt to map SAML users to existing local users''' to '''Yes'''</span>
 
##<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui, " segoe="" ui",="" roboto,="" "noto="" sans",="" ubuntu,="" "droid="" "helvetica="" neue",="" sans-serif;="" font-size:="" 14px;="" font-style:="" normal;="" font-variant-ligatures:="" font-variant-caps:="" font-weight:="" 400;="" letter-spacing:="" orphans:="" 2;="" text-align:="" left;="" text-indent:="" 0px;="" text-transform:="" none;="" white-space:="" widows:="" word-spacing:="" -webkit-text-stroke-width:="" background-color:="" rgb(255,="" 255,="" 255);="" text-decoration-style:="" initial;="" text-decoration-color:="" display:="" inline="" !important;="" float:="" none;"="">Set '''Create users specified by SAML server''' to '''No'''</span>
 
##<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui, " segoe="" ui",="" roboto,="" "noto="" sans",="" ubuntu,="" "droid="" "helvetica="" neue",="" sans-serif;="" font-size:="" 14px;="" font-style:="" normal;="" font-variant-ligatures:="" font-variant-caps:="" font-weight:="" 400;="" letter-spacing:="" orphans:="" 2;="" text-align:="" left;="" text-indent:="" 0px;="" text-transform:="" none;="" white-space:="" widows:="" word-spacing:="" -webkit-text-stroke-width:="" background-color:="" rgb(255,="" 255,="" 255);="" text-decoration-style:="" initial;="" text-decoration-color:="" display:="" inline="" !important;="" float:="" none;"="">Set '''Synchronize user name on every login''' to '''Yes'''</span>
 
##<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui, " segoe="" ui",="" roboto,="" "noto="" sans",="" ubuntu,="" "droid="" "helvetica="" neue",="" sans-serif;="" font-size:="" 14px;="" font-style:="" normal;="" font-variant-ligatures:="" font-variant-caps:="" font-weight:="" 400;="" letter-spacing:="" orphans:="" 2;="" text-align:="" left;="" text-indent:="" 0px;="" text-transform:="" none;="" white-space:="" widows:="" word-spacing:="" -webkit-text-stroke-width:="" background-color:="" rgb(255,="" 255,="" 255);="" text-decoration-style:="" initial;="" text-decoration-color:="" display:="" inline="" !important;="" float:="" none;"="">Set '''Synchronize email address on every login''' to '''Yes'''</span>
 
##<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui, " segoe="" ui",="" roboto,="" "noto="" sans",="" ubuntu,="" "droid="" "helvetica="" neue",="" sans-serif;="" font-size:="" 14px;="" font-style:="" normal;="" font-variant-ligatures:="" font-variant-caps:="" font-weight:="" 400;="" letter-spacing:="" orphans:="" 2;="" text-align:="" left;="" text-indent:="" 0px;="" text-transform:="" none;="" white-space:="" widows:="" word-spacing:="" -webkit-text-stroke-width:="" background-color:="" rgb(255,="" 255,="" 255);="" text-decoration-style:="" initial;="" text-decoration-color:="" display:="" inline="" !important;="" float:="" none;"="">Set '''User name attribute''' to http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name</span>
 
##<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui, " segoe="" ui",="" roboto,="" "noto="" sans",="" ubuntu,="" "droid="" "helvetica="" neue",="" sans-serif;="" font-size:="" 14px;="" font-style:="" normal;="" font-variant-ligatures:="" font-variant-caps:="" font-weight:="" 400;="" letter-spacing:="" orphans:="" 2;="" text-align:="" left;="" text-indent:="" 0px;="" text-transform:="" none;="" white-space:="" widows:="" word-spacing:="" -webkit-text-stroke-width:="" background-color:="" rgb(255,="" 255,="" 255);="" text-decoration-style:="" initial;="" text-decoration-color:="" display:="" inline="" !important;="" float:="" none;"="">Set '''User email attribute '''to http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name</span> 
 
#<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui, " segoe="" ui",="" roboto,="" "noto="" sans",="" ubuntu,="" "droid="" "helvetica="" neue",="" sans-serif;="" font-size:="" 14px;="" font-style:="" normal;="" font-variant-ligatures:="" font-variant-caps:="" font-weight:="" 400;="" letter-spacing:="" orphans:="" 2;="" text-align:="" left;="" text-indent:="" 0px;="" text-transform:="" none;="" white-space:="" widows:="" word-spacing:="" -webkit-text-stroke-width:="" background-color:="" rgb(255,="" 255,="" 255);="" text-decoration-style:="" initial;="" text-decoration-color:="" display:="" inline="" !important;="" float:="" none;"="">Under '''SECURITY OPTIONS'''</span>
 
##<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui, " segoe="" ui",="" roboto,="" "noto="" sans",="" ubuntu,="" "droid="" "helvetica="" neue",="" sans-serif;="" font-size:="" 14px;="" font-style:="" normal;="" font-variant-ligatures:="" font-variant-caps:="" font-weight:="" 400;="" letter-spacing:="" orphans:="" 2;="" text-align:="" left;="" text-indent:="" 0px;="" text-transform:="" none;="" white-space:="" widows:="" word-spacing:="" -webkit-text-stroke-width:="" background-color:="" rgb(255,="" 255,="" 255);="" text-decoration-style:="" initial;="" text-decoration-color:="" display:="" inline="" !important;="" float:="" none;"="">Set '''Strict mode''' to '''Yes'''</span>
 
##<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui, " segoe="" ui",="" roboto,="" "noto="" sans",="" ubuntu,="" "droid="" "helvetica="" neue",="" sans-serif;="" font-size:="" 14px;="" font-style:="" normal;="" font-variant-ligatures:="" font-variant-caps:="" font-weight:="" 400;="" letter-spacing:="" orphans:="" 2;="" text-align:="" left;="" text-indent:="" 0px;="" text-transform:="" none;="" white-space:="" widows:="" word-spacing:="" -webkit-text-stroke-width:="" background-color:="" rgb(255,="" 255,="" 255);="" text-decoration-style:="" initial;="" text-decoration-color:="" display:="" inline="" !important;="" float:="" none;"="">Set '''Sign authentication requests''' to '''Yes'''</span>
 
##<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui, " segoe="" ui",="" roboto,="" "noto="" sans",="" ubuntu,="" "droid="" "helvetica="" neue",="" sans-serif;="" font-size:="" 14px;="" font-style:="" normal;="" font-variant-ligatures:="" font-variant-caps:="" font-weight:="" 400;="" letter-spacing:="" orphans:="" 2;="" text-align:="" left;="" text-indent:="" 0px;="" text-transform:="" none;="" white-space:="" widows:="" word-spacing:="" -webkit-text-stroke-width:="" background-color:="" rgb(255,="" 255,="" 255);="" text-decoration-style:="" initial;="" text-decoration-color:="" display:="" inline="" !important;="" float:="" none;"="">Set '''Request messages to be signed''' to '''No'''</span>
 
##<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui, " segoe="" ui",="" roboto,="" "noto="" sans",="" ubuntu,="" "droid="" "helvetica="" neue",="" sans-serif;="" font-size:="" 14px;="" font-style:="" normal;="" font-variant-ligatures:="" font-variant-caps:="" font-weight:="" 400;="" letter-spacing:="" orphans:="" 2;="" text-align:="" left;="" text-indent:="" 0px;="" text-transform:="" none;="" white-space:="" widows:="" word-spacing:="" -webkit-text-stroke-width:="" background-color:="" rgb(255,="" 255,="" 255);="" text-decoration-style:="" initial;="" text-decoration-color:="" display:="" inline="" !important;="" float:="" none;"="">Set '''Request authn context''' to '''No'''</span> 
 
#<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui, " segoe="" ui",="" roboto,="" "noto="" sans",="" ubuntu,="" "droid="" "helvetica="" neue",="" sans-serif;="" font-size:="" 14px;="" font-style:="" normal;="" font-variant-ligatures:="" font-variant-caps:="" font-weight:="" 400;="" letter-spacing:="" orphans:="" 2;="" text-align:="" left;="" text-indent:="" 0px;="" text-transform:="" none;="" white-space:="" widows:="" word-spacing:="" -webkit-text-stroke-width:="" background-color:="" rgb(255,="" 255,="" 255);="" text-decoration-style:="" initial;="" text-decoration-color:="" display:="" inline="" !important;="" float:="" none;"="">Export this configuration for the site and deploy it to production.</span>
 
 
 
[[Category:Drupal]]
 
[[Category:Web Application Development]]
 

Latest revision as of 16:16, 15 February 2021

Powered by MediaWiki