General discussion on installation and configuration of SOGo



Re: [SOGo] error trying to setup SAML2 auth


  • From: "\"Daniel Carlos Silva\"" ( ) < >
  • To:
  • Subject: Re: [SOGo] error trying to setup SAML2 auth
  • Date: Wed, 07 Aug 2019 16:33:47 -0300
  • Dmarc-filter: OpenDMARC Filter v1.2.0 mail.inverse.ca 7839C1DE50F3

Hi Christian,
Here are my sogo.conf and idp-metadata. We are trying to set up SOGo authentication with an SSO solution built in-house that supports SAML2.

--
Daniel Carlos Silva

Analyst
DTE/SRE/GRE Network Management

Tel.: (31) 3339-1287
Companhia de Tecnologia da Informação do Estado de Minas Gerais – PRODEMGE

 

 

Notice: This message is intended exclusively for the person(s) to whom it is addressed and may contain confidential and legally protected information. Improper use will be handled in accordance with company rules and the legislation in force. If you are not the intended recipient, please notify the sender; use, disclosure, copying and distribution are prohibited

On Wednesday, August 07, 2019 04:43 -03, "Christian Mack" ( ) < > wrote:
Hello

In order to help you, we need at least some info about your setup and
your sogo.conf


Kind regards,
Christian Mack

On 06.08.19 at 19:56, "Daniel Carlos Silva" ( ) wrote:
>
> Hi,
> Hi folks,
> I'm trying to set up SAML2 auth in SOGo and getting this error:
>
> Aug 06 14:36:04 sogod [30014]: |SOGo| request took 0.022839 seconds to execute
> Aug 06 14:36:04 sogod [30014]: 172.22.4.177 "GET /SOGo HTTP/1.1" 302 0/0 0.024 - - 7M
> Aug 06 14:36:12 sogod [30014]: |SOGo| starting method 'POST' on uri '/SOGo/saml2-signon-post'
> Aug 06 14:36:12 sogod [30014]: |SOGo| traverse(acquire): SOGo => saml2-signon-post
> Aug 06 14:36:12 sogod [30014]: |SOGo|   do traverse name: 'SOGo'
> Aug 06 14:36:12 sogod [30014]: |SOGo|   do traverse name: 'saml2-signon-post'
> Aug 06 14:36:12 sogod [30014]: |SOGo| set clientObject: <SOGo[0x0x5635e14ed2a0]: name=SOGo>
> 2019-08-06 14:36:12.579 sogod[30014:30014] EXCEPTION: <NSException: 0x5635e192f9a0> NAME:NSInvalidArgumentException REASON:Tried to add nil value for key 'login' to dictionary INFO:{}
> Aug 06 14:36:12 sogod [30014]: |SOGo| request took 0.001817 seconds to execute
> Aug 06 14:36:12 sogod [30014]: 172.22.4.177 "POST /SOGo/saml2-signon-post HTTP/1.1" 501 0/3342 0.003 - - 0
>
> Any hint would be useful
> tks
>
> --
> Daniel Carlos Silva
>
>
>  
>


--
Christian Mack
Universität Konstanz
Kommunikations-, Informations-, Medienzentrum (KIM)
Abteilung Basisdienste
78457 Konstanz
+49 7531 88-4416
 

Attachment: sogo.conf
Description: Binary data

<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" validUntil="2019-06-20T13:54:58Z" cacheDuration="PT1561470898S" entityID="http://10.181.78.50:8090/ssc-idp-frontend/" ID="pfxb58bfe7e-eea0-8edd-b640-8ec2b47ef2b1"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#pfxb58bfe7e-eea0-8edd-b640-8ec2b47ef2b1"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>UvrWcVAZczCu6Ent5r7WQJnsoHI=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>xxxx</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>xxxxxxe</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
  <md:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>xxxxxxx</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>xxxxxxxxxxxxxxxxxxxxx</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mydomain.com/SOGo/saml2-sls"/>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://URLDOssC/ssc-idp-frontend/"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mydomain.com/SOGo/" index="1"/>
  </md:IDPSSODescriptor>
  <md:Organization>
    <md:OrganizationName xml:lang="en-US">COMP</md:OrganizationName>
    <md:OrganizationDisplayName xml:lang="en-US">CASD</md:OrganizationDisplayName>
    <md:OrganizationURL xml:lang="en-US">URL</md:OrganizationURL>
  </md:Organization>
  <md:ContactPerson contactType="technical">
    <md:GivenName>Suporte </md:GivenName>
    <md:EmailAddress>
 </md:EmailAddress>
  </md:ContactPerson>
  <md:ContactPerson contactType="support">
    <md:GivenName>FULANO</md:GivenName>
    <md:EmailAddress>
 </md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>


