Closed samrocketman closed 9 years ago
Yes, please provide some SAML example and I'll take a look
I've been looking at some of this with JASIG CAS, however am not at all experienced in Ruby, so am struggling a bit. However, to get the CAS `attributes' (e.g name, e-mail address etc.) you need to request SAML, which you do by doing a POST to /samlValidate, as opposed to a GET to /serviceValidate. That POST needs some details.
See serviceValidate at http://www.jasig.org/cas/protocol, as opposed to samlValidate at https://wiki.jasig.org/display/CASUM/SAML+1.1.
I can give more details & test results if you like. I'm currently trying gitlab 6-1-stable with omniauth-cas 1.0.4 right from the Gitlab repo (as the 1.0.4 gem in the repository does not have the latest dependency fix for Nokigiri).
Thanks, g
@gdmalet Do you still need this feature?
Closing this issue pending more information.
@dlindahl We have worked around the issue ourselves, so I'm a bit out of touch with what's going on here. I'm sure there are others that would like to use the attributes one could fetch through omniauth if it worked, but I can't help much at the moment. Thanks.
Same, I've since switched roles from when I reported this and at the time I too put in a workaround.
It will be great to know which kind of workaround you have used guys, i m stuck to retreive the saml info attributes right now, my cas is also Jasig.
It s annoying that we have to use a soap post request not just a get like serviceValidate, docs of samlValidate here : https://github.com/Jasig/cas/blob/master/cas-server-protocol/3.0/cas_protocol_3_0.md#42-samlvalidate-cas-30
My issue can be that i m not using a ssl target in test (SAML attributes MUST NOT be released to a non-SSL site.), i will let you know my progress
+1 Can anyone share their workarounds for SAML validation with gitlab?
Currently SAML is supported in the Jasig version of CAS. Can you update the library to support that?
It looks like where you got the omniauth-cas originally there is some SAML implementation but I don't know enough ruby to make it work.
This would be greatly appreciated if you could. I can provide SAML auth samples if you like for test fixtures.
SAM