There isn't SAML option after I run the image #4
Comments
Hi, This menu item is only available in the Nexus PRO version, so you should follow SAML.md instead of "Configure Sonatype Platform". I have clarified this point in README.md:
Hi again, Thanks for your response. I configured those files but faced a 500 Server Internal Error. I'm using Keycloak version 19 as my IdP, and it doesn't request my IdP when I click on Single SSO.
PAC4J_BASE_URL="${PAC4J_BASE_URL:-https://nexus.mydomain.com}"
sp-metadata.xml:
Please follow the instructions from https://github.com/a-langer/nexus-sso/blob/main/docs/SAML.md#configure-service-and-identity-providers.
For diagnostics, use https://github.com/a-langer/nexus-sso/blob/main/docs/SAML.md#debug.
Hi, Thanks for your time.
@a-langer I am also facing this error 500: Internal Server Error issue when configuring ADFS. I also added these lines to the
This is the logging that I am getting from pac4j/saml:
So no clear error why we are getting
@aaii-z For some reason the https request comes to Nexus directly instead of through Nginx. All requests must go through the Nexus container on ports 80 or 443 if you configured SSL certificates. The settings are not correct; attach the files sp-metadata.xml, shiro.ini and .env.
@bogdankatishev Open another issue and attach the files sp-metadata.xml, shiro.ini and .env.
Hi,
shiro.ini uses the HTTPS protocol:
saml2Config.serviceProviderEntityId = https://MyNexus.Domain.com/callback?client_name=SAML2Client
clients.callbackUrl = https://MyNexus.Domain.com/callback
sp-metadata.xml uses the plain HTTP protocol:
.. entityID="http://MyNexus.Domain.com/callback?client_name=SAML2Client"
.. Location="http://MyNexus.Domain.com/callback?client_name=SAML2Client"
...
Correct "entityID" and "Location" depending on the DNS name and protocol you use; this value must also match the SAML client ID in the IdP server. See https://github.com/a-langer/nexus-sso/blob/main/docs/SAML.md#saml-configuration:
I recommend that you first set up authorization over plain HTTP and make sure that everything works correctly, and only then set up SSL encryption.
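The protocol mismatch pointed out in the comment above can be checked mechanically before starting the container. The following is an added example, not part of the thread or of the nexus-sso project: the two sample file contents are constructed from the values quoted above, and treating the ACS "Location" as equal to clients.callbackUrl once the query string is ignored is an assumption.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"

# Constructed sample inputs reproducing the https/http mismatch from the thread.
SHIRO_INI = """\
saml2Config.serviceProviderEntityId = https://MyNexus.Domain.com/callback?client_name=SAML2Client
clients.callbackUrl = https://MyNexus.Domain.com/callback
"""
SP_METADATA = """\
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="http://MyNexus.Domain.com/callback?client_name=SAML2Client">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="http://MyNexus.Domain.com/callback?client_name=SAML2Client"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>
"""

def shiro_values(text):
    """Collect 'key = value' pairs; split on the first '=' only (URLs contain '=')."""
    pairs = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith(("#", ";", "[")) and "=" in line:
            key, value = line.split("=", 1)
            pairs[key.strip()] = value.strip()
    return pairs

def endpoint(url):
    """Scheme, host and path of a URL, ignoring the query string (assumption)."""
    parts = urlsplit(url)
    return (parts.scheme.lower(), parts.netloc.lower(), parts.path)

def check(shiro_text, metadata_xml):
    """Return a list of human-readable mismatches (empty list means consistent)."""
    cfg = shiro_values(shiro_text)
    root = ET.fromstring(metadata_xml)
    entity_id = cfg.get("saml2Config.serviceProviderEntityId", "")
    callback = cfg.get("clients.callbackUrl", "")
    problems = []
    if root.get("entityID") != entity_id:  # entity IDs are compared as exact strings
        problems.append(f"entityID {root.get('entityID')!r} != serviceProviderEntityId {entity_id!r}")
    for acs in root.iter(MD + "AssertionConsumerService"):
        loc = acs.get("Location", "")
        if endpoint(loc) != endpoint(callback):
            problems.append(f"ACS Location {loc!r} does not match callbackUrl {callback!r}")
    return problems
```

Calling check() with the real file contents lists every mismatch; the same entityID must also be the SAML client ID configured in the IdP, which this check does not cover.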
I've tried http on Nexus, still getting a 500 error on Request URL: http://MyNexus.Domain.com/index.html, and also there is no related log.
The error returned will always be error 500, because it is any internal server error. To see more information, you can enable the TRACE debug level for the root logger in logback.xml:
<root level="${root.level:-TRACE}">
...
It is better to perform each check in a new private browser window (or delete cookies for the Nexus and IdP sites, which is quite difficult); otherwise the browser may remember invalid cookies and will not go to the login page, which in turn confuses and complicates diagnostics.
Hi again, Thank you so much for your answers. My problem was finally solved after I cloned that again; I think the problem, as you said, was samlKeystore.jks.
Hi, I have a separate VM that my Keycloak runs on. Now I want to connect this Nexus to that Keycloak. After I run that image, I go to the browser and log in with the internal Nexus user, but I don't see any SAML option. I read the README of this project, and in this link it shows there's a SAML option in the Nexus UI, but I don't see it. Should I change any environment to true, or is it a bug? (I used the docker compose of this project.)
(I meant I don't see this option after I run the docker compose in my Nexus; I see this picture from that link.)