Security

ABT (Access By Term)

Provides very flexible, hierarchical node access control (content access control), for D7.

This module integrates Drupal with SimpleSAMLphp, the most robust and complete implementation of SAML in PHP. It makes it possible for Drupal to communicate with SAML or Shibboleth identity providers (IdP) for authenticating users. The resulting Drupal site can effectively act as a SAML or Shibboleth service provider (SP).

Prerequisites

• SimpleSAMLphp - you must have SimpleSAMLphp version 1.6 or newer installed and configured to operate as a service provider (SP).

NOTE: Your SimpleSAMLphp SP must be configured to use something other than "phpsession" (the default) for session storage. The alternatives are memcache or sql. The sql option was added in SimpleSAMLphp version 1.7. The simplest solution for folks running SimpleSAMLphp version 1.7 or higher is to edit the SimpleSAMLphp config/config.php by setting store.type => 'sql' and 'store.sql.dsn' => 'sqlite:/path/to/sqlitedatabase.sq3'

Features

• Just-in-time provisioning of Drupal user accounts based on SAML attributes (configurable).
• Automatic role assignment based on SAML attributes (configurable).
• Dual mode - support for traditional Drupal accounts and SAML-authenticated accounts at the same time (configurable).

The Drupal 8 version is released and has protection for all the forms as shown in the image. The only thing missing is protection for Webform and that module is not nearly ready fo

The Barracuda (part of BOA) project has moved to Github!

This module will allow you to add Time-based One-time Password algorithm (TOTP, also called "Two-Factor Authentication - TFA" or "Multi-Factor Authentication - MFA") support to user logins.

Efficiently disable the display of any node.
(Maybe not a good choice for a drupal appstore.)