Unable to debug SAML authentication error

Début
Précédent
1
2
Suivant
Fin

fathibn
Topic Author
Offline
Senior Member

06 Juil 2019 14:11 #1 by fathibn

Unable to debug SAML authentication error was created by fathibn

HI,
Tried to setup SAML authentication against LemonLDAP::NG with no success. Does anyone have some screenshots especially what to enter in the X509 certificate path. I have copy-pasted the public key my SAML idp uses to sign responses but that doesn't seem to be the correct answer.
TIA

Please Connexion or Create an account to join the conversation.

babynus
Offline
Administrator
Moderator

08 Juil 2019 11:15 #2 by babynus

Replied by babynus on topic Unable to debug SAML authentication error

what to enter in the X509 certificate path. I have copy-pasted the public key my SAML idp uses to sign responses but that doesn't seem to be the correct answer.

It should.

Here is an example of some correct configuration

Note that in order to work, you have to define the SP on your IDP serveur, with XML description that you can get throught the button "get Metadata"

Babynus
Administrator of ProjeQtOr web site

Please Connexion or Create an account to join the conversation.

fathibn
Topic Author
Offline
Senior Member

08 Juil 2019 13:17 #3 by fathibn

Replied by fathibn on topic Unable to debug SAML authentication error

Hello @babynus,
I already filled the corresponding form like shown here after

screenshot-ppm.sncft.com.tn-2019.07.08-13-02-32.png

. Also, I copy-pasted the projeqtor metadata url in lemonldap (as just cliquing the button didn't gave the same result), which then pulled the corresponding data and filled its internals as shown here

screenshot-manager.sncft.com.tn-2019.07.08-13-00-49.png

. But at login, projeqtor sometimes seems to redirect to itself like shown here

instead of the saml idp url, and when it connects to the correct url, it returns a message like the following

.
There is also another situation ( and the corresponding screenshot) that i could not reproduce now.
TIA.

Please Connexion or Create an account to join the conversation.

fathibn
Topic Author
Offline
Senior Member

08 Juil 2019 13:35 #4 by fathibn

Replied by fathibn on topic Unable to debug SAML authentication error

Maybe this could help. In the idp server I have the following error message:
command sent is not an octet sequence in the native encoding (Latin-1).

Please Connexion or Create an account to join the conversation.

babynus
Offline
Administrator
Moderator

09 Juil 2019 14:10 - 09 Juil 2019 14:11 #5 by babynus

Replied by babynus on topic Unable to debug SAML authentication error

Just try and remove the comment on the certificate.
The comment line is valid when key is stored in a file, here we have a single line string, so there must be only the key, not the hole content of the file.

NB : if you get the Metadata of your IDP, you dshould get the correct value for the certificate.

Babynus
Administrator of ProjeQtOr web site

Last edit: 09 Juil 2019 14:11 by babynus.

Please Connexion or Create an account to join the conversation.

Bob86
Offline
New Member

12 Nov 2019 17:34 #6 by Bob86

Replied by Bob86 on topic Unable to debug SAML authentication error

Hi Everybody!

I use also LemonLdap but when i configure saml configuration in Projeqtor i have an error when i watch a metadata

Invalid array settings: contact_not_enought_data

I have not error in lemoldap and i not find error in projeqtor but i don't know where is the log.

Sébastien
Sorry for my english i learn actually, i am begginner

Please Connexion or Create an account to join the conversation.

Début
Précédent
1
2
Suivant
Fin

Moderators: babynus, protion

Time to create page: 0.083 seconds

En poursuivant votre navigation, vous acceptez le dépôt de cookies tiers destinés au bon fonctionnement et à la sécurisation du site (gestion de session, reCaptcha) et à une analyse statistique anonymisée des accès sur notre site (Google Analytics). Si vous vous inscrivez, les informations que vous fournirez ne seront jamais divulguées à un tiers sous quelque forme que ce soit. En savoir plus

Paramétrages de cookies

Cookies fonctionnels

Ce site utilise des cookies pour assurer son bon fonctionnement et ne peuvent pas être désactivés de nos systèmes. Nous ne les utilisons pas à des fins publicitaires. Si ces cookies sont bloqués, certaines parties du site ne pourront pas fonctionner.

Session

Veuillez vous connecter pour voir vos activités!

Autres cookies

Ce site web utilise un certain nombre de cookies pour gérer, par exemple, les sessions utilisateurs.

Prochaines sessions de formation

Démonstration de ProjeQtOr

(gratuit, sur inscription)

Planifiez avec ProjeQtOr

Administrez avec ProjeQtOr

Unable to debug SAML authentication error

Attachments:

Attachments:

Paramétrages de cookies

Cookies fonctionnels

Session

Autres cookies

Prochaines sessions de formation

Démonstration de ProjeQtOr

(gratuit, sur inscription)

Planifiez avec ProjeQtOr

Administrez avec ProjeQtOr

Unable to debug SAML authentication error

Attachments:

Attachments:

Paramétrages de cookies

Cookies fonctionnels

Session

Autres cookies

Login Form