search

felixrupp / user_cas

This app provides CAS authentication support for ownCloud and Nextcloud, using the phpCAS library of jasig/apereo.
Other
21 stars 24 forks source link

User already provided by another backend #21

Closed x3n1ty closed 6 years ago

x3n1ty commented 6 years ago

Hello, i am running an ownCloud 10.0.8 (stable) with an actual phpUserCAS version from apereo and user_cas plugin installed.

I'm running into the following issue:

User already provided by another backend (OC\User\Database !== OCA\UserCAS\User\Backend), skipping."}

The user gets created in the owncloud user database after the first login but gets thrown back to the owncloud login page. After that a manual login via the owncloud login website is possible with the credentials from cas.

I dont find any information regarding this error.

user_cas configuration: CAS Server Version: CAS 1.0 and CAS 2.0 tested (CAS 2.0 prefered) CAS Server Hostname: login.xx.de CAS Server Port: 443 CAS Server Path: cas Service URL: emty Certification file path: empty

Force user login using cas? true Autocreate user after first CAS login? true Update user data after each CAS login? true and false tested (true prefered) Groups that will not be unlinked: empty Default group: empty

Mapping all default

PHP-CAS Library points to the right directory

Full owncloud.log:

{"reqId":"YMlCCBFJBkXJqAXjGVQg","level":3,"time":"2018-05-17T16:53:55+02:00","remoteAddr":"xx.xx.xx.xx","user":"--","app":"cas","method":"GET","url":"\/index.php\/apps\/user_cas\/login","message":"phpCAS user password has been checked."}

{"reqId":"YMlCCBFJBkXJqAXjGVQg","level":2,"time":"2018-05-17T16:53:55+02:00","remoteAddr":"xx.xx.xx.xx","user":"--","app":"OC\\User\\SyncService","method":"GET","url":"\/index.php\/apps\/user_cas\/login","message":"User <chrisjb> already provided by another backend(OC\\User\\Database !== OCA\\UserCAS\\User\\Backend), skipping."}

{"reqId":"YMlCCBFJBkXJqAXjGVQg","level":3,"time":"2018-05-17T16:53:55+02:00","remoteAddr":"xx.xx.xx.xx","user":"--","app":"index","method":"GET","url":"\/index.php\/apps\/user_cas\/login","message":"Exception: {\"Exception\":\"InvalidArgumentException\",\"Message\":\"Returned account has different backend to the requested backend for sync\",\"Code\":0,\"Trace\":\"#0 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/User\\\/Manager.php(247): OC\\\\User\\\\SyncService->createOrSyncAccount('chrisjb', Object(OCA\\\\UserCAS\\\\User\\\\Backend))\\n#1 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/User\\\/Session.php(492): OC\\\\User\\\\Manager->checkPassword(*** sensitive parameters replaced ***)\\n#2 \\\/var\\\/www\\\/owncloud\\\/lib\\\/public\\\/Events\\\/EventEmitterTrait.php(50): OC\\\\User\\\\Session->OC\\\\User\\\\{closure}(Array)\\n#3 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/User\\\/Session.php(516): OC\\\\User\\\\Session->emittingCall(Object(Closure), Array, 'user', 'login')\\n#4 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/User\\\/Session.php(316): OC\\\\User\\\\Session->loginWithPassword(*** sensitive parameters replaced ***)\\n#5 \\\/var\\\/www\\\/owncloud\\\/apps\\\/user_cas\\\/lib\\\/Service\\\/UserService.php(126): OC\\\\User\\\\Session->login(*** sensitive parameters replaced ***)\\n#6 \\\/var\\\/www\\\/owncloud\\\/apps\\\/user_cas\\\/lib\\\/Controller\\\/AuthenticcationController.php(127): OCA\\\\UserCAS\\\\Service\\\\UserService->login(*** sensitive parameters replaced ***)\\n#7 [internal function]: OCA\\\\UserCAS\\\\Controller\\\\AuthenticationController->casLogin()\\n#8 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/AppFramework\\\/Http\\\/Dispatcher.php(159): call_user_func_array(Array, Array)\\n#9 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/AppFramework\\\/Http\\\/Dispatcher.php(89): OC\\\\AppFramework\\\\HttpDispatcher->executeController(Object(OCA\\\\UserCAS\\\\Controller\\\\AuthenticationController), 'casLogin')\\n#10 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/AppFramework\\\/App.php(103): OC\\\\AppFramework\\\\Http\\\\Dispatcher->dispatch(Object(OCA\\\\UserCAS\\\\Controller\\\\AuthenticationController), 'casLogin')\\n#11 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/AppFramework\\\/Routing\\\/RouteActionHandler.php(46): OC\\\\AppFramework\\\\App::main('AuthenticationC...', 'casLogin', Object(OC\\\\AppFramework\\\\DependencyInjection\\\\DIContainer), Array)\\n#12 [internal function]: OC\\\\AppFramework\\\\Routing\\\\RouteActionHandler->__invoke(Array)\\n#13 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/Route\\\/Router.php(342): call_user_func(Object(OC\\\\AppFramework\\\\Routing\\\\RouteActionHandler), Array)\\n#14 \\\/var\\\/www\\\/owncloud\\\/lib\\\/base.php(912): OC\\\\Route\\\\Router->match('\\\/apps\\\/user_cas\\\/...')\\n#15 \\\/var\\\/www\\\/owncloud\\\/index.php(55): OC::handleRequest()\\n#16 {main}\",\"File\":\"\\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/User\\\/SyncService.php\",\"Line\":348}"}

apache2 log:

[Thu May 17 14:38:38.585378 2018] [negotiation:error] [pid 635] [client xx.xx.xx.xx] AH00687: Negotiation: discovered file(s) matching request: /var/www/owncloud/settings/users (None could be negotiated).

CAS-Debug.log

808A .START (2018-05-17 15:10:55) phpCAS-1.3.5+ ****************** [CAS.php:468]
808A .=> phpCAS::client('1.0', 'login.xxx.de', 443, 'cas') [AppService.php:181]
808A .|    => CAS_Client::__construct('1.0', false, 'login.xxx.de', 443, 'cas', true) [CAS.php:359]
808A .|    |    Session is authenticated as: chrisjb [Client.php:936]
808A .|    <= ''
808A .<= ''
808A .=> phpCAS::setNoCasServerValidation() [AppService.php:194]
808A .|    You have configured no validation of the legitimacy of the cas server. This is not recommended for production use. [CAS.php:1644]
808A .<= ''
808A .=> phpCAS::isAuthenticated() [app.php:80]
808A .|    => CAS_Client::isAuthenticated() [CAS.php:1145]
808A .|    |    => CAS_Client::_wasPreviouslyAuthenticated() [Client.php:1393]
808A .|    |    |    user = `chrisjb' [Client.php:1622]
808A .|    |    <= true
808A .|    |    user was already authenticated, no need to look for tickets [Client.php:1416]
808A .|    <= true
808A .<= true
A510 .START (2018-05-17 15:15:05) phpCAS-1.3.5+ ****************** [CAS.php:468]
A510 .=> phpCAS::client('1.0', 'login.xxx.de', 443, 'cas') [AppService.php:181]
A510 .|    => CAS_Client::__construct('1.0', false, 'login.xxx.de', 443, 'cas', true) [CAS.php:359]
A510 .|    |    Session is authenticated as: chrisjb [Client.php:936]
A510 .|    <= ''
A510 .<= ''
A510 .=> phpCAS::setNoCasServerValidation() [AppService.php:194]
A510 .|    You have configured no validation of the legitimacy of the cas server. This is not recommended for production use. [CAS.php:1644]
A510 .<= ''

Thank you in advance for the help, and thanks for this great project !

felixrupp commented 6 years ago

Hi @x3n1ty

this issue seems to be related to a recent code refactoring the ownCloud team did to the process of user handling in the ownCloud 10.0.8 core. I am currently trying to fix this issue, I will report back, when it is available. 10.0.7 is still working as expected.

Regards,

Felix

felixrupp commented 6 years ago

@x3n1ty Version 1.5.3 fixes the issue with ownCloud 10.0.8. Please try that version and report back if you still have errors.

Regards Felix