Hi, I have been playing with pysaml2 and web2py, maybe this SP example helps: https://github.com/josedesoto/web2py-sp-example
Regards, On Monday, 27 October 2014 08:09:07 UTC+1, Prasad Muley wrote: > > Hi Massimo, > > In which provider log should I look into? (service provider [web2py > app] or idp provider [okta / onelogin]). > Could you share your web2py app's (service provider) setting and idp > provider settings?. > I've followed same instructions but getting that error. > > > On Sat, Oct 25, 2014 at 9:01 AM, Massimo Di Pierro <[email protected] > <javascript:>> wrote: > >> I do not know what to say. It works with the provide I was using. Look >> into the provider log. perhaps there is an error message there. >> >> >> On Friday, 24 October 2014 19:30:24 UTC-5, Prasad Muley wrote: >>> >>> Yes. I've printed it. It shows empty dict >>> On Oct 23, 2014 7:33 PM, "Massimo Di Pierro" <[email protected] >>> <javascript:>> wrote: >>> >>>> Yes it works for me. Can you help debug? Can you print d['response'] >>>> and try figure out where the response attributes are? >>>> >>>> On Friday, 17 October 2014 00:42:29 UTC-5, Prasad Muley wrote: >>>>> >>>>> Hi Wel, >>>>> Did you test SAML2 app? there is an experimental saml2 app in >>>>> web2py_2.9.6 >>>>> >>>>> I need to use saml2(web2py app) as service provider with onelogin >>>>> (which is idp) >>>>> >>>>> I am getting an error (Screen shot is attached PFA). >>>>> >>>>> >>>>> here is my config settings >>>>> 1) *private/sp_conf.py* >>>>> >>>>> # Make sure the same port number appear in service_conf.py >>>>> BASE = "http://localhost:8000"; >>>>> APPNAME = "saml2" >>>>> PATH = "/home/prasad/Prasad/web2py_2.9.6_beta/applications/saml2/pr >>>>> ivate/" >>>>> CONFIG = { >>>>> "entityid": "%s/saml2/static/sp.xml" % BASE, >>>>> 'entity_category': [COC], >>>>> "accepted_time_diff": 5, # very important >>>>> "description": "Example SP", >>>>> "service": { >>>>> "sp": { >>>>> "endpoints": { >>>>> "assertion_consumer_service": [ >>>>> ("%s/%s/default/user/login" % (BASE, APPNAME), >>>>> BINDING_HTTP_REDIRECT), >>>>> ], >>>>> } >>>>> }, >>>>> }, >>>>> "key_file": "%s/pki/mykey.pem" % PATH, >>>>> "cert_file": "%s/pki/mycert.pem" % PATH, >>>>> "xmlsec_binary": xmlsec_path, >>>>> "metadata": {"local": [PATH+"idp.xml"]}, >>>>> "name_form": NAME_FORMAT_URI, >>>>> } >>>>> >>>>> Here I've copied *assertion_consumer_service url *( >>>>> http://localhost:8000/saml2/default/login ) in onelogin's app's SAML >>>>> consumer url >>>>> >>>>> 2) I've downloaded a meta data file from onelogin app. >>>>> copy it to >>>>> >>>>> *saml/private/*3) Created a *static/sp.xml file *as >>>>> make_metadata.py sp_conf > ../static/sp.xml >>>>> >>>>> 4) Ran web2py server >>>>> >>>>> * (python webpy.py)*5) Selected SAML2 app through administrator >>>>> interface, >>>>> >>>>> 6) Clicked on login tab and >>>>> It is redirecting to onelogin app's login window. >>>>> >>>>> 7) Entered username and password in onelogin app >>>>> It it redirecting me to http://localhost:8000/saml2/default/login >>>>> (which is a assertion consumer url) >>>>> >>>>> and I am getting an internal error . >>>>> >>>>> <type 'exceptions.AttributeError'> 'dict' object has no attribute >>>>> 'assertion' >>>>> Let me know If there are wrong settings in my app. >>>>> >>>>> Could you share your app settings (including web2py app and idp >>>>> settings) >>>>> >>>>> >>>>> On Thursday, August 21, 2014 7:35:29 PM UTC+5:30, Wei Wang wrote: >>>>>> >>>>>> I have the need to use a SAML2 identity provider (specifically, a >>>>>> NetIQ product) for authentication and authorization in some web2py apps. >>>>>> >>>>>> I searched in this group, also googled "web2py and SAML", but did not >>>>>> find anything that seems readily available. >>>>>> >>>>>> My thoughts on building a "Service Provider" (in SAML2 terminology) >>>>>> app in web2py alongside other apps: >>>>>> >>>>>> - The SAML2 service provider would be "/saml2sp": >>>>>> - The saml2sp app communicates to the SAML2 Id provider for >>>>>> authentication and authorization; >>>>>> - A web2py app is configured to use "cas_auth", with >>>>>> "localhost/saml2sp" as the CAS server base URL; >>>>>> >>>>>> Does something like this exist? Does that sound reasonable? >>>>>> >>>>>> Thanks for any pointers, comments, thoughts. >>>>>> >>>>>> Wei >>>>>> >>>>> -- >>>> Resources: >>>> - http://web2py.com >>>> - http://web2py.com/book (Documentation) >>>> - http://github.com/web2py/web2py (Source code) >>>> - https://code.google.com/p/web2py/issues/list (Report Issues) >>>> --- >>>> You received this message because you are subscribed to a topic in the >>>> Google Groups "web2py-users" group. >>>> To unsubscribe from this topic, visit https://groups.google.com/d/ >>>> topic/web2py/zn1OvErE6Wc/unsubscribe. >>>> To unsubscribe from this group and all its topics, send an email to >>>> [email protected] <javascript:>. >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> -- >> Resources: >> - http://web2py.com >> - http://web2py.com/book (Documentation) >> - http://github.com/web2py/web2py (Source code) >> - https://code.google.com/p/web2py/issues/list (Report Issues) >> --- >> You received this message because you are subscribed to a topic in the >> Google Groups "web2py-users" group. >> To unsubscribe from this topic, visit >> https://groups.google.com/d/topic/web2py/zn1OvErE6Wc/unsubscribe. >> To unsubscribe from this group and all its topics, send an email to >> [email protected] <javascript:>. >> For more options, visit https://groups.google.com/d/optout. >> > > > > -- > Thanks and Regards > Prasad M. Muley > Programmer at One Delta Synergies Pvt Ltd. | PICT 2013 > > “Pretty much everything on the web uses those two things: *C* and *UNIX*,” > - Dennis Ritchie > *http://www.cs.bell-labs.com/who/dmr/* > <http://www.cs.bell-labs.com/who/dmr/> > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
