Closed nbennett25 closed 2 months ago
Can anyone confirm the certificate settings?
I've tried multiple different combinations, and nothing is working. I currently have the SP configured with its own private and public certs, and the IdP x509 cert settings set to match the value returned in the SAML XML payload by the IdP - does the value in the config.yaml need to be base64 encoded..? Not sure what I'm missing here, and there isn't any more detail in the error than 'authentication failed'
Ok so the issue here wasn't that the user hadn't been authenticated, but that the error being thrown after authentication has a generic 'authentication failed' message:
It would be great to update this messaging to be more indicative of what the error actually is and/or expose the full trace to the catching method in Login.php - even something like 'Authentication failed on user provisioning' would be a huge improvement and save development time.
I'm trying to get a docker network set up with an SP and IdP - my SP is a Symfony 6 app on localhost:8000, and the IdP is a docker image kenchan0130/simplesamlphp:develop - mapped to local-idp.local:4000, which is effectively a wrapper for SimpleSAMLphp.org codebase configured as an IdP.
I believe I have everything set up properly - the SP's nbgrp_onelogin_saml.yaml is pretty much boilerplate with the IdP's domains as below:
The sp.privateKey and idp.x509cert values are directly out of the certificates in the IdP image.
This more or less works as expected - I have the /admin path set up to be SSO log in only in config/security.yaml, and if I go to localhost:8000/admin, I am redirected to the IdP site. I log in with the credentials set in the authsources.php file in the IdP config user the SimpleSaml docs, and am redirected back to the SP with a SAML payload, including the matching x509 cert value.
But when I get back to the SP, I get an 'authentication failed' exception error:
Thoughts? Happy to post more of the config or SAML payload if that's helpful.
Thx!