search

DataShades / ckanext-saml2

SAML2 Authentication extension for CKAN
5 stars 23 forks source link

Unable to do HTTP-POST for Single Sign On Service #97

Open paulkilla opened 6 years ago

paulkilla commented 6 years ago

I'm getting the following error when selecting the Login button. My IDP only supports HTTP-POST for Single Sign On. Have I configured something incorrectly?

Thanks

==> /var/log/httpd/ckan_default.error.log <== [Tue Apr 17 08:46:11.238652 2018] [:error] [pid 34132] 2018-04-17 08:46:11,238 DEBUG [ckanext.saml2] REMOTE_USER = "" [Tue Apr 17 08:46:11.238877 2018] [:error] [pid 34132] 2018-04-17 08:46:11,238 INFO [ckanext.saml2] Ignoring REMOTE_USER - does not look like a NameID [Tue Apr 17 08:46:12.181576 2018] [:error] [pid 34132] 2018-04-17 08:46:12,181 INFO [ckan.lib.base] /user/login render time 0.950 seconds [Tue Apr 17 08:46:12.187104 2018] [:error] [pid 34132] 2018-04-17 08:46:12,186 ERROR [saml2.mdstore] Unsupported binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect (https://idp-url.com) [Tue Apr 17 08:46:12.187802 2018] [:error] [pid 34132] 2018-04-17 08:46:12,187 ERROR [saml2.s2repoze.plugins.sp] urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect [Tue Apr 17 08:46:12.187815 2018] [:error] [pid 34132] Traceback (most recent call last): [Tue Apr 17 08:46:12.187819 2018] [:error] [pid 34132] File "/usr/lib/ckan/default/src/pysaml2/src/saml2/s2repoze/plugins/sp.py", line 323, in challenge [Tue Apr 17 08:46:12.187839 2018] [:error] [pid 34132] srvs = _cli.metadata.single_sign_on_service(entity_id, _binding) [Tue Apr 17 08:46:12.187842 2018] [:error] [pid 34132] File "/usr/lib/ckan/default/src/pysaml2/src/saml2/mdstore.py", line 994, in single_sign_on_service [Tue Apr 17 08:46:12.187846 2018] [:error] [pid 34132] "single_sign_on_service", binding) [Tue Apr 17 08:46:12.187849 2018] [:error] [pid 34132] File "/usr/lib/ckan/default/src/pysaml2/src/saml2/mdstore.py", line 949, in service [Tue Apr 17 08:46:12.187852 2018] [:error] [pid 34132] raise UnsupportedBinding(binding) [Tue Apr 17 08:46:12.187855 2018] [:error] [pid 34132] UnsupportedBinding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect [Tue Apr 17 08:46:12.188009 2018] [:error] [pid 34132] [remote 10.13.1.1:0] mod_wsgi (pid=34132): Exception occurred processing WSGI script '/etc/ckan/default/apache.wsgi'. [Tue Apr 17 08:46:12.188042 2018] [:error] [pid 34132] [remote 10.13.1.1:0] Traceback (most recent call last): [Tue Apr 17 08:46:12.188055 2018] [:error] [pid 34132] [remote 10.13.1.1:0] File "/usr/lib/ckan/default/src/ckan/ckan/config/middleware/init.py", line 136, in call [Tue Apr 17 08:46:12.188084 2018] [:error] [pid 34132] [remote 10.13.1.1:0] return self.apps[app_name](environ, start_response) [Tue Apr 17 08:46:12.188091 2018] [:error] [pid 34132] [remote 10.13.1.1:0] File "/usr/lib/ckan/default/lib/python2.7/site-packages/paste/cascade.py", line 130, in call [Tue Apr 17 08:46:12.188184 2018] [:error] [pid 34132] [remote 10.13.1.1:0] return self.apps[-1](environ, start_response) [Tue Apr 17 08:46:12.188201 2018] [:error] [pid 34132] [remote 10.13.1.1:0] File "/usr/lib/ckan/default/src/ckan/ckan/config/middleware/common_middleware.py", line 61, in call [Tue Apr 17 08:46:12.188314 2018] [:error] [pid 34132] [remote 10.13.1.1:0] return self.app(environ, start_response) [Tue Apr 17 08:46:12.188339 2018] [:error] [pid 34132] [remote 10.13.1.1:0] File "/usr/lib/ckan/default/lib/python2.7/site-packages/paste/registry.py", line 379, in call [Tue Apr 17 08:46:12.188507 2018] [:error] [pid 34132] [remote 10.13.1.1:0] app_iter = self.application(environ, start_response) [Tue Apr 17 08:46:12.188521 2018] [:error] [pid 34132] [remote 10.13.1.1:0] File "/usr/lib/ckan/default/lib/python2.7/site-packages/repoze/who/middleware.py", line 100, in call [Tue Apr 17 08:46:12.188621 2018] [:error] [pid 34132] [remote 10.13.1.1:0] challenge_app = api.challenge(wrapper.status, wrapper.headers) [Tue Apr 17 08:46:12.188632 2018] [:error] [pid 34132] [remote 10.13.1.1:0] File "/usr/lib/ckan/default/lib/python2.7/site-packages/repoze/who/api.py", line 191, in challenge [Tue Apr 17 08:46:12.188790 2018] [:error] [pid 34132] [remote 10.13.1.1:0] forget_headers) [Tue Apr 17 08:46:12.188820 2018] [:error] [pid 34132] [remote 10.13.1.1:0] File "/usr/lib/ckan/default/src/pysaml2/src/saml2/s2repoze/plugins/sp.py", line 365, in challenge [Tue Apr 17 08:46:12.188839 2018] [:error] [pid 34132] [remote 10.13.1.1:0] "Failed to construct the AuthnRequest: %s" % exc) [Tue Apr 17 08:46:12.188851 2018] [:error] [pid 34132] [remote 10.13.1.1:0] Exception: Failed to construct the AuthnRequest: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect

Abhishek-Dutta commented 5 years ago

Any luck on the error.. even I am stuck here

28ugur89 commented 5 years ago

I am getting same eror when I click the button.Also I cannot generate Sp metadata(sp.xml).Do you have any idea?

mattcen commented 5 years ago

Hey folks, Just wanted to respond to this to say I've seen it, but I don't have any useful insights for you unfortunately. I'm still learning about this extension myself and don't use it that often, so don't think I can help right now. Hopefully somebody else in the community will be able to help you out.

benjaminbecker commented 4 years ago

Hi, could someone solve this issue. I am getting the same error.