-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update our Saml authentication code to use IDP 3 flows #33
Comments
saml-test-sp, Shib IDP v3.3 in gluu-sever v3.1.0:
I've reproduced the problem in gluu-server v3.0.2 with default installation settings. |
Error when trying to SSO with Google HTTP ERROR 500 Problem accessing /idp/Authn/RemoteUser. Reason:
Caused by: java.lang.NoClassDefFoundError: edu/internet2/middleware/shibboleth/idp/util/HttpServletHelper 2017_09_05.stderrout.log |
"No potential flows left to choose from, authentication failed" - Fixed. |
I found the problem. oxAuth should callback with CONVERSATION_KEY, GET parаmeter "conversation". https://ce.gluu.info/idp/profile/SAML2/POST/SSO?execution=e1s1 IDP v.3.3.1 tracks flow with this key. Shib IDP does not add this CONVERSATION_KEY to session, by some reasons, just inserts to redirection URLs. |
#10 related issue. |
CONVERSATION_KEY - fixed. |
Alex Samuseu: That error is gone, but it still fails, now resulting in Authn failed SAML response to SP all the time
|
AuthnFailed - fixed. |
attribute - OK |
All OK. |
In our IDP3 we uses old IDP2 filters to do Saml authentication. But IDP3 has flow specially developed for this. There are case when our old integration led to errors. Person in some circumstances not getting login form because we are not initialization flow properly.
The text was updated successfully, but these errors were encountered: