We’re currently using LDAP authentication with OJS and I’ve been told that OJS ships with out of the box SAML support, but I can’t find any information on this. Is this is accurate? Does anyone have it setup? We use Ping Federate and are trying to decide whether to turn off our LDAP authentication (and rely on OJS local auth) or upgrade to SAML SSO as part of a move to remote hosting with PKP.
Thanks, I’ll send to our authentication team and get some advice. Do you know if this works with multiple domain names? We have a multi journal install with separate domains for each journal i.e. not sub domains.
If using the Linux NativeSP, I know from personal experience that you can attach this via mod_shib to multiple Apache name-based VirtualHosts. Note that the implict auth config happens at the OJS site install level, so if you had divergent configuration parameters for individual journals (for example, JournalA uses WAYF #1, but JournalB uses WAYF #2), these would need to be housed in different OJS installs.