Google SAML - error "empty URL" on access through App icon #4756
seleondevel
started this conversation in
Plugins
Replies: 2 comments
-
/kimai/config/packages/local.yaml The local.yaml file is configured as follows. There is no problem with spacing. The comment registration is not spacing out. kimai:
saml:
provider: google
activate: true
title: Login with SAML
mapping:
- { saml: $Email, kimai: email }
- { saml: $FirstName $LastName, kimai: alias }
roles:
resetOnLogin: true
attribute: Groups
mapping:
- { saml: Admin, kimai: ROLE_SUPER_ADMIN }
- { saml: Manager, kimai: ROLE_ADMIN }
- { saml: Teamlead, kimai: ROLE_TEAMLEAD }
connection:
idp:
entityId: 'https://accounts.google.com/o/saml2?idpid=hidden_id'
singleSignOnService:
url: 'https://accounts.google.com/o/saml2/idp?idpid=hidden_id'
binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
#singleLogoutService:
# url: 'https://www.example.com/logout'
# binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
x509cert: '-----BEGIN CERTIFICATE-----
...
...
...
...
...
...
...
...
...
...
-----END CERTIFICATE-----'
# Your Kimai: replace https://www.example.com with your base URL
sp:
entityId: 'https://www.example.com/auth/saml/metadata'
assertionConsumerService:
url: 'https://www.example.com/auth/saml/acs'
binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'
singleLogoutService:
url: 'https://www.example.com/auth/saml/logout'
binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
#privateKey: ''
# only set baseurl, if auto-detection doesn't work
#baseurl: ''
strict: true
debug: true
security:
nameIdEncrypted: false
authnRequestsSigned: false
logoutRequestSigned: false
logoutResponseSigned: false
wantMessagesSigned: false
wantAssertionsSigned: false
wantNameIdEncrypted: false
requestedAuthnContext: true
signMetadata: false
wantXMLValidation: true
signatureAlgorithm: 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256'
contactPerson:
technical:
givenName: 'Kimai Admin'
emailAddress: 'admin@example.com'
support:
givenName: 'Kimai Support'
emailAddress: 'support@example.com'
organization:
en:
name: 'Kimai'
displayname: 'Kimai'
url: 'https://www.example.com' For security purposes, I wrote www.example.com arbitrarily. Please understand. Access is no problem. |
Beta Was this translation helpful? Give feedback.
0 replies
-
That's an interesting question! |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello.
After setting up Google SAML local.yaml, you can log in, but if you click the kimai icon created in workspace on the Google app,
It goes to https://www.example.com/auth/saml/acs , but it cannot be redirected to an empty URL as shown below. An error appears.
How can I solve this problem?
Help me!
Beta Was this translation helpful? Give feedback.
All reactions