Closed deroy-tronc closed 4 years ago
I don't use ADFS, but it looks like a certificate problem. Maybe re/copy your x.509 cert to the 'X.509 Certificate' field in the oneLogin settings?
https://support.solarwinds.com/SuccessCenter/s/article/Export-import-and-upload-the-token-signing-certificate see: 'Export the token-signing certificate from the AD FS server'
@donovandb Thanks for your response. I have again generated the new certificate and updated the oneLogin with the new certificate. But it is still giving the same error.
I am using WPEngine hosting.
/wp-login.php?saml_acs is the ACS endpoint where WordPress expects a POST SAMLResponse parameter. If you directly visit that URL with a GET, the saml plugin will raise a 500.
It seems you are getting a 500 for the 3rd party library used by the extension, xmlseclibs.
The privateKey/public cert you placed for the SP in the advanced settings seems wrong.
@pitbulk Sorry, there is a mistake in my question. Actually I am trying to visit wp-login.php?saml_sso not /wp-login.php?saml_acs
On the WordPress login page, when I click on the "SAML Login" button it takes me to wp-login.php?saml_sso, and there I am getting a 500 error.
When coming from ADFS, I am able to login to the site.
I am following this tutorial to set up the plugin: https://www.folio3.com/blog/wordpress-sso-how-to-integrate-saml-2-0-with-adfs-3-0/
Hello, I have a problem with the SSO. When I tried to log in with SAML, I got an error with a message like this:
A SAML error has occurred The following eror occurred: The SAML message cannot be built Please contact your local help desk for assistance. When calling for assistance, we kindly ask you to provide your User ID and the error description. If you want to try again, you can close this screen and reopen the web page.
/sps/AD_Europe_SaaS_IDP/saml20/login
2019-04-29T08:29:00Z
Error details FBTSML218E The specifications for the SAML2.AssertionConsumerService endpoint are not valid.
Can anyone help me? What should I do to solve the error? Maybe @donovandb or @pitbulk. Thanks.
That path "/sps/AD_Europe_SaaS_IDP/saml20/login" does not belong to WP or the SAML extension, so not sure how we can help you.
@deroy-tronc
PHP Fatal error: Uncaught Exception: Failure Signing Data: - 1 in /wp-content/plugins/onelogin-saml-sso/php/extlib/xmlseclibs/src/XMLSecurityKey.php:500
if (! openssl_sign($data, $signature, $this->key, $algo)) {
    throw new Exception('Failure Signing Data: ' . openssl_error_string() . ' - ' . $algo);
}
The extension was not able to sign the AuthNRequest, possible reasons:
@pitbulk this is the full URL https://euidp-acc.aholddelhaize.com/isam/sps/AD_Europe_SaaS_IDP/saml20/login
It's set as IdP Entity Id and Single Sign On Service Url
When trying to access the saml login, /wp-login.php?saml_acs, I keep getting an HTTP 500 error. When coming from ADFS, I am able to login to the site but when trying to login via WordPress and saml, I cannot due to the error.
I am providing the error log below. Any help is greatly appreciated.
Error Log: PHP Fatal error: Uncaught Exception: Failure Signing Data: - 1 in /wp-content/plugins/onelogin-saml-sso/php/extlib/xmlseclibs/src/XMLSecurityKey.php:500\nStack trace:\n#0 /wp-content/plugins/onelogin-saml-sso/php/extlib/xmlseclibs/src/XMLSecurityKey.php(580): RobRichards\XMLSecLibs\XMLSecurityKey->signOpenSSL('SAMLRequest=hZJ...')\n#1 /wp-content/plugins/onelogin-saml-sso/php/lib/Saml2/Auth.php(722): RobRichards\XMLSecLibs\XMLSecurityKey->signData('SAMLRequest=hZJ...')\n#2 /wp-content/plugins/onelogin-saml-sso/php/lib/Saml2/Auth.php(659): OneLogin\Saml2\Auth->buildMessageSignature('hZJbj9owEIXf+RU...', 'https://trbnnew...', 'http://www.w3.o...', 'SAMLRequest')\n#3 /wp-content/plugins/onelogin-saml-sso/php/lib/Saml2/Auth.php(546): OneLogin\Saml2\Auth->buildRequestSignature('hZJbj9owEIXf+RU...', 'https://trbnnew...', 'http://www.w3.o...')\n#4/wp-content/plugins in /wp-content/plugins/onelogin-saml-sso/php/extlib/xmlseclibs/src/XMLSecurityKey.php on line 500
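The "Failure Signing Data" exception in the log above is thrown when openssl_sign() returns false, and one reply in the thread points at the SP private key/certificate placed in the advanced settings. The following is an added example, not part of the thread and not code from the plugin or xmlseclibs: a stand-alone PHP check that loads a key and certificate, signs a constructed payload and verifies the signature against the certificate. The helper names check_sp_signing and make_pair are hypothetical, and the key pairs are throwaway ones generated on the spot.

```php
<?php
// Added example, not plugin or xmlseclibs code; helper names are hypothetical.

// Takes the SP private key and SP certificate as PEM strings and returns a
// list of problems found (an empty list means the pair can sign and verify).
function check_sp_signing(string $keyPem, string $certPem, int $algo = OPENSSL_ALGO_SHA256): array
{
    while (openssl_error_string() !== false) { /* drain stale error entries */ }
    $problems = [];
    $priv = openssl_pkey_get_private($keyPem);
    if ($priv === false) {
        $problems[] = 'private key does not load: ' . (openssl_error_string() ?: 'empty or not PEM');
    }
    $pub = openssl_pkey_get_public($certPem);
    if ($pub === false) {
        $problems[] = 'certificate does not load: ' . (openssl_error_string() ?: 'empty or not PEM');
    }
    if ($problems) { return $problems; }

    // Same openssl_sign() call shape as the snippet in the thread; the payload is constructed.
    $data = 'SAMLRequest=constructed&SigAlg=constructed';
    if (!openssl_sign($data, $signature, $priv, $algo)) {
        return ['openssl_sign failed: ' . (openssl_error_string() ?: 'no OpenSSL error text') . ' - ' . $algo];
    }
    // A key that signs but does not verify against the certificate means the
    // two settings fields hold halves of different key pairs.
    if (openssl_verify($data, $signature, $pub, $algo) !== 1) {
        $problems[] = 'certificate does not match the private key';
    }
    return $problems;
}

// Constructed sample input: throwaway RSA key with a one-day self-signed certificate.
function make_pair(): array
{
    $key = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
    $csr = openssl_csr_new(['commonName' => 'sp.example.test'], $key, ['digest_alg' => 'sha256']);
    $crt = openssl_csr_sign($csr, null, $key, 1, ['digest_alg' => 'sha256']);
    openssl_pkey_export($key, $keyPem);
    openssl_x509_export($crt, $certPem);
    return [$keyPem, $certPem];
}

[$keyA, $certA] = make_pair();
[, $certB] = make_pair();
print_r(['matching pair'         => check_sp_signing($keyA, $certA),
         'cert from another key' => check_sp_signing($keyA, $certB),
         'empty key field'       => check_sp_signing('', $certA)]);
```

To check a real configuration, pass the two PEM values from the settings to check_sp_signing() in place of the generated pairs, on a machine where handling the private key is acceptable.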