Hi Christian,

Here are my sogo.conf and idp-metadata. We are trying to set up sogo authentication with an SSO solution built in-house that supports saml2.
--
Daniel Carlos Silva
Analyst DTE/SRE/GRE – Network Management
Tel.: (31) 3339-1287
Companhia de Tecnologia da Informação do Estado de Minas Gerais – PRODEMGE

Notice: This message is intended exclusively for the person(s) to whom it is addressed and may contain confidential and legally protected information. Improper use will be handled in accordance with company rules and the legislation in force. If you are not the recipient, please notify the sender; use, disclosure, copying and distribution are prohibited

On Wednesday, August 07, 2019 04:43 -03, "Christian Mack" ([email protected]) <[email protected]> wrote:

Hello

In order to help you, we need at least some info about your setup and your sogo.conf

Kind regards,
Christian Mack

On 06.08.19 at 19:56, "Daniel Carlos Silva" ([email protected]) wrote:
>
> Hi,
> Hi folks,
> I'm trying to set up SAML2 auth in sogo and getting this error:
>
> Aug 06 14:36:04 sogod [30014]: |SOGo| request took 0.022839 seconds to execute
> Aug 06 14:36:04 sogod [30014]: 172.22.4.177 "GET /SOGo HTTP/1.1" 302 0/0 0.024 - - 7M
> Aug 06 14:36:12 sogod [30014]: |SOGo| starting method 'POST' on uri '/SOGo/saml2-signon-post'
> Aug 06 14:36:12 sogod [30014]: |SOGo| traverse(acquire): SOGo => saml2-signon-post
> Aug 06 14:36:12 sogod [30014]: |SOGo| do traverse name: 'SOGo'
> Aug 06 14:36:12 sogod [30014]: |SOGo| do traverse name: 'saml2-signon-post'
> Aug 06 14:36:12 sogod [30014]: |SOGo| set clientObject: <SOGo[0x0x5635e14ed2a0]: name=SOGo>
> 2019-08-06 14:36:12.579 sogod[30014:30014] EXCEPTION: <NSException: 0x5635e192f9a0> NAME:NSInvalidArgumentException REASON:Tried to add nil value for key 'login' to dictionary INFO:{}
> Aug 06 14:36:12 sogod [30014]: |SOGo| request took 0.001817 seconds to execute
> Aug 06 14:36:12 sogod [30014]: 172.22.4.177 "POST /SOGo/saml2-signon-post HTTP/1.1" 501 0/3342 0.003 - - 0
>
> Any hint would be useful
> tks
>
> --
> Daniel Carlos Silva
>

--
Christian Mack
Universität Konstanz
Kommunikations-, Informations-, Medienzentrum (KIM)
Abteilung Basisdienste
78457 Konstanz
+49 7531 88-4416

--
[email protected]
https://inverse.ca/sogo/lists
sogo.conf
Description: Binary data
<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" validUntil="2019-06-20T13:54:58Z" cacheDuration="PT1561470898S" entityID="http://10.181.78.50:8090/ssc-idp-frontend/" ID="pfxb58bfe7e-eea0-8edd-b640-8ec2b47ef2b1">
  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <ds:SignedInfo>
      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
      <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
      <ds:Reference URI="#pfxb58bfe7e-eea0-8edd-b640-8ec2b47ef2b1">
        <ds:Transforms>
          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        </ds:Transforms>
        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
        <ds:DigestValue>UvrWcVAZczCu6Ent5r7WQJnsoHI=</ds:DigestValue>
      </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue>xxxx</ds:SignatureValue>
    <ds:KeyInfo>
      <ds:X509Data>
        <ds:X509Certificate>xxxxxxe</ds:X509Certificate>
      </ds:X509Data>
    </ds:KeyInfo>
  </ds:Signature>
  <md:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>xxxxxxx</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:KeyDescriptor use="encryption">
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:X509Data>
          <ds:X509Certificate>xxxxxxxxxxxxxxxxxxxxx</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </md:KeyDescriptor>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mydomain.com/SOGo/saml2-sls"/>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://URLDOssC/ssc-idp-frontend/"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mydomain.com/SOGo/" index="1"/>
  </md:IDPSSODescriptor>
  <md:Organization>
    <md:OrganizationName xml:lang="en-US">COMP</md:OrganizationName>
    <md:OrganizationDisplayName xml:lang="en-US">CASD</md:OrganizationDisplayName>
    <md:OrganizationURL xml:lang="en-US">URL</md:OrganizationURL>
  </md:Organization>
  <md:ContactPerson contactType="technical">
    <md:GivenName>Suporte </md:GivenName>
    <md:EmailAddress>[email protected]</md:EmailAddress>
  </md:ContactPerson>
  <md:ContactPerson contactType="support">
    <md:GivenName>FULANO</md:GivenName>
    <md:EmailAddress>[email protected]</md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>
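
Added example (not part of the original thread, and not SOGo or IdP code): a small Python check of IdP metadata for four properties that can be read off the file posted above: a validUntil date earlier than the date of the check, SHA-1 signature or digest algorithms, plain-HTTP endpoint locations, and an AssertionConsumerService (an SP-side element in the SAML metadata schema) inside the IDPSSODescriptor. The sample document, its idp.example / sp.example hosts and the finding codes are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
WEAK_ALGS = ("xmldsig#rsa-sha1", "xmldsig#dsa-sha1", "xmldsig#sha1")

# Constructed sample modelled on the posted metadata (hosts are placeholders).
SAMPLE = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    validUntil="2019-06-20T13:54:58Z" entityID="http://idp.example/ssc-idp-frontend/">
  <ds:Signature><ds:SignedInfo>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <ds:Reference><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/></ds:Reference>
  </ds:SignedInfo></ds:Signature>
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="http://idp.example/ssc-idp-frontend/"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sp.example/SOGo/" index="1"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""

def lint_idp_metadata(xml_text, now):
    """Return a sorted list of finding codes for one IdP metadata document."""
    root = ET.fromstring(xml_text)  # prefer defusedxml for metadata from untrusted sources
    findings = set()
    valid_until = root.get("validUntil")
    if valid_until:
        # Handles the UTC "...Z" form used in the posted file.
        expiry = datetime.strptime(valid_until, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        if expiry < now:
            findings.add("expired-validUntil")
    for el in root.iter():
        if el.get("Algorithm", "").endswith(WEAK_ALGS):
            findings.add("sha1-algorithm")
        if el.get("Location", "").startswith("http://"):
            findings.add("plain-http-endpoint")
    for idp in root.findall("md:IDPSSODescriptor", NS):
        # AssertionConsumerService is defined for SPSSODescriptor, not the IdP role.
        if idp.find("md:AssertionConsumerService", NS) is not None:
            findings.add("acs-in-idp-descriptor")
        if idp.find("md:SingleSignOnService", NS) is None:
            findings.add("no-sso-endpoint")
    return sorted(findings)

if __name__ == "__main__":
    for code in lint_idp_metadata(SAMPLE, datetime(2019, 8, 7, tzinfo=timezone.utc)):
        print(code)
```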
