On Sat, Jun 29, 2013 at 6:13 AM, Ludovic Marcotte <lmarco...@inverse.ca> wrote:

>  On 2013-06-29 1:57 AM, Stephen Ingram wrote:
>
> The makefile in SoObjects/SOGo (line 149) indicates the presence of this
> metadata file, but there is none. The code in SOGoSAML2Session also appears
> to look for this file (SOGoSAML2Metadata.xml). Does this need to be added
> before compiling? I've tried adding it to the WebserverResources directory,
> but SOGo still doesn't pick it up.
>
> Try placing it in /usr/sbin/Resources/sogod/Resources/  (adjust depending
> on where your sogod binary is located and create the Resources directory).
>
> That is just due to some brain damage in the bundle loading code.
>

That doesn't work, but it did give me a hint as to where it should be. The
magic location is /usr/lib/GNUstep/Frameworks/SOGo.framework/Resources/. I
can now see the metadata when browsing to
https://webmail.4test.net/SOGo/saml2-metadata. If I try to log in at
https://webmail.4test.net/SOGo I am correctly re-directed to the IdP for
authentication.

I still don't have a working system as once authenticating at the IdP, SOGo
apparently doesn't receive what it's looking for and tries to log in with
nothing:

EXCEPTION: <NSException: 0xb9b535fc> NAME:NSInvalidArgumentException
REASON:Tried to add nil value for key 'login' to dictionary INFO:{}

which results in a proxy error:

The proxy server received an invalid response from an upstream server. The
proxy server could not handle the request POST /SOGo/saml2-signon-post.

Looking at the code, I see that SOGo maybe only wants either the uid or
mail attributes encoded in a SAML2NameID format. I'm not sure if the
endpoint /SOGo/saml2-signon-post is correct or not as I gleaned it from
error logs listing typical SOGo requests. Are /SOGo/saml2-metadata and
/SOGo/saml2-signon-post the only two endpoints?

Steve
-- 
users@sogo.nu
https://inverse.ca/sogo/lists
