Hello to all.

I have the plan to implement the SSO authentication feature with the SAML 
protocol.
However, I have an error that prevents me from validating the authentication 
process.
It is about the locks.
The first step is to store the request_saml_id. If I try to create a file by 
your libraries, I get an 500 error with msg:
error during cfs-locked \'file-request_tmp\' operation: pve cluster filesystem 
not online /etc/pve/priv/lock.
https://github.com/jbsky/proxmox-saml2-auth/commit/d75dc621aae719c8fdd251859af9641cda0e526b
Ok, I can make a temp workaround.

2nd stepĀ :
When I try to create a ticket with the function create_ticket in package 
PVE::API2::AccessControl;
I've got this error :
authentication failure; rhost=127.0.0.1 user=admin@DOM msg=error during 
cfs-locked 'authkey' operation: pve cluster filesystem not online 
/etc/pve/priv/lock
src : 
https://github.com/jbsky/proxmox-saml2-auth/commit/93b02727d2e172968c14c4ce3a7c27e8d5c0feb0

I have really bad luck with these locks!
Can you help me to understand the prerequisites to make the lock work?


If you want init a redirect to an identity provider(IdP, ex: Keycloak), use 
this url :
https://pve/api2/html/access/saml?realm=DOM

After an authentication side IdP, the IdP post to pve at 
https://pve/api2/html/access/saml.


I'm sorry to work on a separate repository, it's because I don't know your 
components very well.

I would be grateful if you could tell me how to debug these locks.

Thanking you in advance, 

Sincerely,

Julien BLAIS
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

Reply via email to