Open TomasKulhanek opened 6 years ago
Reproduced on most updated CernVM Linux version 4.14.18-9.cernvm.x86_64 (jakob@meerkat) (gcc version 7.3.0 (GCC)) #1 SMP Thu Feb 8 13:54:00 CET 2018
Reproduced on SL 7.x with this kernel version Linux version 3.10.0-693.5.2.el7.x86_64 (mockbuild@sl7-uefisign.fnal.gov) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC) ) #1 SMP Thu Oct 19 10:13:14 CDT 2017
Not reproduced working on Centos 7.x Linux version 3.10.0-693.21.1.el7.x86_64 (builder@kbuilder.dev.centos.org) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC) ) #1 SMP Wed Mar 7 19:03:37 UTC 2018
Not reproduced on another version SL 7.4 Linux version 3.10.0-693.17.1.el7.x86_64 (mockbuild@sl7-uefisign.fnal.gov) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC) ) #1 SMP Thu Jan 25 04:11:40 CST 2018
To reproduce
git clone https://github.com/h2020-westlife-eu/wp6-vm
cd wp6-vm/rep-standalone-src
edit bootstrap.sh, uncomment and add URL of secrets for West-Life and ARIA SSO, (on request)
#wget -O secrets.zip https://xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
#unzip secrets.zip
save and launch
vagrant up
Reproduced on CernVM4 (SL 7.5) Linux version 4.14.18-9.cernvm.x86_64 (jakob@meerkat) (gcc version 7.3.0 (GCC)) #1 SMP Thu Feb 8 13:54:00 CET 2018
[root@wl-virtualfolder mellon]# yum info mod_auth_mellon
Installed Packages
Name : mod_auth_mellon
Arch : x86_64
Version : 0.13.1
[root@wl-virtualfolder mellon]# yum info lasso
Installed Packages
Name : lasso
Arch : x86_64
Version : 2.5.1
Release : 2.el7
[root@wl-virtualfolder mellon]# yum info xmlsec1
Installed Packages
Name : xmlsec1
Arch : x86_64
Version : 1.2.20
Release : 7.el7_4
[root@wl-virtualfolder mellon]# yum info xmlsec1-openssl
Installed Packages
Name : xmlsec1-openssl
Arch : x86_64
Version : 1.2.20
Release : 7.el7_4
[root@wl-virtualfolder httpd]# tail error_log
[Tue Jun 26 10:04:59.623253 2018] [auth_mellon:error] [pid 30554] [client 148.79.95.226:51507] Error processing authn response. Lasso error: [440] The profile cannot verify a signature on the message
Installed Repository on cernvm4. Login via West-Life SSO fails on HTTP 400 Bad Request. Checked version of lasso (2.4.1), mod_auth_mellon (0.9.1) Installed manually lasso (2.5.1), mod_auth_mellon (0.11.0) and dependencies by
After that still HTTP 400 is returned. /var/log/httpd/error_log contains:
The same configuration works if installed on pure Scientific Linux 7.4 (where lasso 2.5.1 and mod_auth_mellon 0.11.0 is already in distribution repository), login via West-Life SSO works.