Limit access to drupal site based on Certificates & moira list


  • Question

Can i create a Drupal site that is visible only to users meeting 2 criterias:
1- User must have a valid MIT certificate and,
2- User must belong to a user list. i.e. ""
What is the best way to accomplish this?


By default, the "login using Touchstone" link allows anyone with a valid MIT certificate to authenticate to your site. Doing so sets them up as a user with the "authenticated" role, which by default does not have any permissions not already granted to anonymous users.

If you would like to restrict the ability to log in to a select list of users, you can use the "whitelist" option in your Shibboleth settings.

Go to Configuration -> People -> Shibboleth settings. Check the "enable" box and type or paste in the list of kerberos IDs for the people you want to allow to log in to your site, and click the Save Configuration button.

Once you do this, if someone clicks the "Login with Touchstone" link, and they are not on the list, they will be rejected. If they are on the list, they will be logged in.


Can web moira lists be put on the white list and will all the people on the web moira list be able to log in?

Can you give different roles do different users on the white list?