Enabling SSO and Weblogin authentication on WHE

You can request that the University of Michigan's single sign-on (SSO) Weblogin system (currently OIDC or Shibboleth) be enabled on your site. By default it is not enabled, but you can request that it be enabled by emailing LSATechnologyServices@umich.edu or as part of your original request.

Directory or Single Page

If you want to use SSO to protect just part of your site, you can make use of a .htaccess file in the required directory. To do this, create or modify a file named .htaccess file inside the directory you want to protect. You can do this via the file manager or via ssh. The file must be named .htaccess (the period is required).

To protect an individual file or page, you can modify your .htaccess file in the same directory and call out the specific file you want to protect.

Full-site SSO

If you want your full website protected so that only University of Michigan affiliated people can access your site, please let us know that intent in your initial request your initial request for your site. On the back end of the system we will enable this feature for every page on your site.

Application-integrated SSO

Some applications such as WordPress can use SSO to replace their built-in login/authentication mechanism. Configuration for application integration varies from application to application. For many applications additional plugins are needed to support SSO. LSA Technology Services has experience helping with setting up SSO for WordPress but may not be able to help you get SSO integrated to other applications.


Article ID: 1666
Wed 5/27/20 9:56 AM
Mon 12/4/23 7:13 AM