PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) solution. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, powerful BYOD management options, 802.1X support, layer-2 isolation of problematic devices; PacketFence can be used to effectively secure networks small to very large heterogeneous networks.
# perl -Ilib -Mpf::authentication -e 'print getAuthenticationSource("maml")->sso_url'`
(process:12545): Lasso-CRITICAL **: libxml2: Start tag expected, '<' not found\n
(process:12545): Lasso-WARNING **: 2016-08-11 12:59:26 Cannot load metadata from /usr/local/pf/conf/idp.xml
Can't create Single-Sign-On URL : Failed to add new provider.
# bin/pfcmd saml testsource maml
You should see the SSO URL below, otherwise, there are errors in your configuration:
Can't create Single-Sign-On URL. Check server side logs for details and validate the SAML configuration. at /usr/local/pf/lib/pf/Authentication/Source/SAMLSource.pm line 158.
To add to this issue, a valid configuration will succeed when called in non-tainted mode vs tainted (which may explain the lack of output in the commands shown above)
Seems the output of the Lasso errors is lost when running inside a PacketFence process
Using a pure perl one line gives the output. Not within pfcmd.
In the example below, the idp.xml file had a bad xml header.
Then the difference between both commands: