Does anyone have a working setup of Sogo SAML2 with KeyCloak as the IDP they
could share? It’s sitting Behind an Apache Reverse Proxy. Thanks
Sent from my iPhone
g25426.html
- https://www.mail-archive.com/users@sogo.nu/msg27942.html
Now, when I successfully log in Keycloak, I'm redirected to
https://my.host/Sogo/saml2-signon-post, but have a white page with this
error in sogo.log:
sogod [20896]: |SOGo| starting method 'POST' on uri
'
Hi,
We have been trying this as well. I will send you the notes I kept,
hopefully this will get you going.
First two links:
https://lists.inverse.ca/sogo/arc/users/2016-10/msg00100.html
https://sogo.nu/bugs/view.php?id=3933
In keycloak, make sure to configure:
NameID format: username
Hello everyone,
I need to configure SOGo 3.2.1 to authenticate with SAML2 in Keycloak 3.4. Does
anyone know how to do this setup? If so, can you send me the steps?
Thanks,
Eugenio
--
users@sogo.nu
https://inverse.ca/sogo/lists
Hi MJ,
That option directly correlates with how long the session is valid (as the SAML
assertion will be removed from cache after this time, and can no longer be sent
to Dovecot).
3600 would be one hour. You may want to set it higher, so that the user will
stay logged in for a business day (may
Hi,
We're playing again with sogo / dovecot / saml and would like some feedback.
We have everything (sogo, keycloak IdP, dovecot with pam-script-saml)
working just fine, with one remaining issue:
After a while the sogo web interface stops working, unless you change
'module' (from mail module
Hi,
Stupid thing: this worked in my previous setup. I started over again to
verify and document everything, and now this
LassoProfileErrorUnsupportedProfile comes up. :-(
It seems i made an error pasting the IdP metadata...
Sorry for the noise.
--
users@sogo.nu
https://inverse.ca/sogo/lists
Hi,
I have configured sogo to use SAML2 like this in sogo.conf:
SOGoAuthenticationType = saml2;
NGImap4AuthMechanism = PLAIN;
SOGoSAML2PrivateKeyLocation = "/etc/sogo/key.pem";
SOGoSAML2CertificateLocation = "/etc/sogo/cert.pem";
SOGoSAML2IdpMetadataLocation = "/etc/sogo/id
Hi Steve,
I was also afraid of patching common libraries, but I also tried following the
AUF recipe (without success). I also thought about the OpenChange way (allow
access without password from localhost [or other SOGo host]), but that wasn’t
really what I wanted, as you noted by yourself ;) A
> Am 16.09.2016 um 19:11 schrieb Christoph Kreutzer
> :
>
> How could you resolve this, Stephen?
I found it out (after adding a consent:Consent to simpleSAMLphp):
As the Shibboleth SP wants OID attributes, I had added a name2oid AttributeMap.
I just added a oid2name in the SP metadata in simpl
hint as to where it should be. The
> magic location is /usr/lib/GNUstep/Frameworks/SOGo.framework/Resources/. I
> can now see the metadata when browsing to
> https://webmail.4test.net/SOGo/saml2-metadata
> <https://webmail.4test.net/SOGo/saml2-metadata>. If I try to login at
>
I'm trying to setup SAML2 authentication for SOGo and not sure of the
requirements. According to the installation guide, only changes to to the
SOGo configuration are necessary. Of course, you must then use something
like the crudesaml plugin to handle the authentication to the IMAP server,
but tha
12 matches
Mail list logo
