Open gpeanodc opened 7 years ago
Hi, I make some debug in SimpleUsernameMapper class and my results are the nameId I get from assertion subject is NULL(see the code below).
object(LightSaml\Model\Assertion\Subject)#441 (2) { ["nameId":protected]=> NULL
Do you think it can be a session issue with data loss because of load balancing ? Is there a config parameter to change this ? Thanks.
Hi, it seems to me that i have the same problem, but i'm not behind a loadBalancer,...
I setup an identityProvider on a local server id.local , with simplesamlphp, with this config/authsources.php =>
$config = array(
'example-userpass' => array(
'exampleauth:UserPass',
'student:studentpass' => array(
'uid' => array('student'),
'eduPersonAffiliation' => array('member', 'student'),
'roles' => array('ROLE_USER','ROLE_SEF'),
),
'employee:employeepass' => array(
'uid' => array('employee'),
'eduPersonAffiliation' => array('member', 'employee'),
'roles' => array('ROLE_USER','ROLE_SEF'),
),
),
);
( and when i test this configuration with simplesmalphp and nothing else, i can put my credentials and register fine )
But, when i try to access to a private page under "saml firewall", I too am redirected to the right login form, where i put my credentials but when I'm redirected to "login_check" route, I have the same error:
An exception occurred while executing 'INSERT INTO user_saml (username, roles) VALUES (?, ?)' with params [null, "["ROLE_USER"]"]: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'username' cannot be null
I tried to debug, and it seems to me that the problem is occuring in the
private function getUsernameFromAssertion(Assertion $assertion)
Indeed the test =>
$assertion->getSubject()->getNameID()->getFormat() != SamlConstants::NAME_ID_FORMAT_TRANSIENT
returns always false to me,...
Any hint about how to solve this problem ?
Thanks.
Hi @tmilos My application is working good in local environment. I set up the app in "dev" environment, the dev server is behind a load balancer. When I try to access to a private page under "saml firewall", I'm redirected to the right login form, I put my ids but when I'm redirected to "login_check" route, I have an error:
An exception occurred while executing 'INSERT INTO user_saml (username, roles) VALUES (?, ?)' with params [null, "[\"ROLE_USER\"]"]: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'username' cannot be null
It seems that, for a reason I don't know, the username is not getting back.
Can it be a problem with load balancing ? Is there a configuration I can make from app side ?
I've already set this instruction in my /web/app.php file:
Request::setTrustedProxies(array($_SERVER['REMOTE_ADDR']));
Thanks for your help.