Hello to everyone,
I’m new in the forum and I hope this is the rght place where to post my question.
I successfully installed indico 2.0 on a VM with Debian 8 following the instruction provided here.
I configured also shibboleth as described in the above mentioned guide, but I cannot login through and I’m struggling trying to understand where the problem is. This is what I’ve in my indico.conf regarding SSI auth:
#SSO
AUTH_PROVIDERS = {
'shib-sso': {
'type': 'shibboleth',
'title': 'Single Sign On',
'attrs_prefix': 'ADFS_',
'callback_uri': '/login/shib-sso/shibboleth',
'logout_uri': 'https://my.sp.com/Shibboleth.sso/Logout'
}
}
IDENTITY_PROVIDERS = {
'shib-sso': {
'type': 'shibboleth',
'title': 'SSO',
'identifier_field': 'mail',
'mapping': {
'login': 'eppn',
'personId': 'persistent-id',
'email': 'mail'
},
'trusted_email': True
}
}
eppn, mail and persistent-id are the attributes returned from the IDP. And following you can find what I can see in the:
- indico.log
2018-02-08 13:39:02,244 INFO b1ea03fe14824386 indico.rh GET /login/ [IP=xxx.xxx.xxx.xxx] [PID=1412] [UID=None]
2018-02-08 13:39:04,777 INFO 77b174af1ec04952 indico.rh GET /login/shib-sso/ [IP=xxx.xxx.xxx.xxx] [PID=1412] [UID=None]
2018-02-08 13:39:06,742 INFO 525f3b1db3e54243 indico.rh GET /login/shib-sso/shibboleth [IP=xxx.xxx.xxx.xxx] [PID=1413] [UID=None]
2018-02-08 13:39:06,743 ERROR 525f3b1db3e54243 indico.auth Authentication via shib-sso failed: No valid data received (None)
2018-02-08 13:39:06,953 INFO 8c5afffcc91a4c23 indico.rh GET /login/ [IP=xxx.xxx.xxx.xxx] [PID=1411] [UID=None]
- shibd.log
2018-02-08 13:39:06 INFO Shibboleth.SessionCache [1]: new session created: ID (_e0efa9ad4c76cff38f1703695c955a30) IdP (https://our.idp.com/idp/shibboleth) Protocol(urn:oasis:names:tc:SAML:2.0:protocol) Address (xxx.xxx.xxx.xxx)`
- transaction.log
2018-02-08 13:39:06 INFO Shibboleth-TRANSACTION [1]: New session (ID: _e0efa9ad4c76cff38f1703695c955a30) with (applicationId: default) for principal from (IdP: https://our.idp.com/idp/shibboleth) at (ClientAddress: xxx.xxx.xxx.xxx) with (NameIdentifier: 9NPScjyKE+8IPnkt1AJ/NUVqAsQ=) using (Protocol: urn:oasis:names:tc:SAML:2.0:protocol) from (AssertionID: _586c7cb603123e70cb20449d8b779a9b)
2018-02-08 13:39:06 INFO Shibboleth-TRANSACTION [1]: Cached the following attributes with session (ID: _e0efa9ad4c76cff38f1703695c955a30) for (applicationId: default) {
2018-02-08 13:39:06 INFO Shibboleth-TRANSACTION [1]: mail (1 values)
2018-02-08 13:39:06 INFO Shibboleth-TRANSACTION [1]: eppn (1 values)
2018-02-08 13:39:06 INFO Shibboleth-TRANSACTION [1]: persistent-id (1 values)
2018-02-08 13:39:06 INFO Shibboleth-TRANSACTION [1]: }
Anyone that can help me?
Thanks a lot in advance,
M.