SAML and signing configuration
191 views
Skip to first unread message
Alberto Cabello Sánchez
Feb 20, 2018, 4:45:09 AM2/20/18
to cas-...@apereo.org
Hi,
I'm getting a strange error when running the Onelogin SSO Wordpress
plugin to authenticate users with a CAS with SAML support. I managed
to get the plugin working with simpleSAMLphp so I think the problem
is in the CAS side.
The displayed error message is:
CAS is unable to process this request: "500:Internal Server Error"
Error: org.opensaml.saml.common.SAMLException:
No signature signing parameter is available
I think the problem is some metadata parameter, but I cannot find a working
example to give some light. I configured the service in a JSON this way:
(file name is lvs05saml-10000003.json)
{
"@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
"serviceId" : "lvs05saml",
"name" : "lvs05saml",
"id" : 10000003,
"attributeReleasePolicy" : {
"@class" : "org.apereo.cas.services.ReturnAllAttributeReleasePolicy"
},
"metadataLocation" : "http://HERE_I_PUT_MY_WORDPRESS_URL/wp-login.php?saml_metadata",
"metadataSignatureLocation" : "file:/usr/local/etc/cas/certs/ONE_LOGIN_PLUGIN_CERT.pub",
}
Uppercase HERE_I_PUT_MY_WORDPRESS_URL and ONE_LOGIN_PLUGIN_CERT are
substituted by the actual conf values.
I'm basically stucked at this point, so I feel I need some hint to
carry further research and solve this error.
Thanks for your help,
--
Alberto Cabello Sánchez
Servicio de Informática
Universidad de Extremadura
I'm getting a strange error when running the Onelogin SSO Wordpress
plugin to authenticate users with a CAS with SAML support. I managed
to get the plugin working with simpleSAMLphp so I think the problem
is in the CAS side.
The displayed error message is:
CAS is unable to process this request: "500:Internal Server Error"
Error: org.opensaml.saml.common.SAMLException:
No signature signing parameter is available
I think the problem is some metadata parameter, but I cannot find a working
example to give some light. I configured the service in a JSON this way:
(file name is lvs05saml-10000003.json)
{
"@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
"serviceId" : "lvs05saml",
"name" : "lvs05saml",
"id" : 10000003,
"attributeReleasePolicy" : {
"@class" : "org.apereo.cas.services.ReturnAllAttributeReleasePolicy"
},
"metadataLocation" : "http://HERE_I_PUT_MY_WORDPRESS_URL/wp-login.php?saml_metadata",
"metadataSignatureLocation" : "file:/usr/local/etc/cas/certs/ONE_LOGIN_PLUGIN_CERT.pub",
}
Uppercase HERE_I_PUT_MY_WORDPRESS_URL and ONE_LOGIN_PLUGIN_CERT are
substituted by the actual conf values.
I'm basically stucked at this point, so I feel I need some hint to
carry further research and solve this error.
Thanks for your help,
--
Alberto Cabello Sánchez
Servicio de Informática
Universidad de Extremadura
Man H
Feb 20, 2018, 8:38:10 AM2/20/18
to cas-...@apereo.org
Do you hace mod_auth_cas installed
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/20180220104515.e69c1fad30ace2e22815f049%40unex.es.
Alberto Cabello Sánchez
Feb 21, 2018, 8:32:53 AM2/21/18
to cas-...@apereo.org
Yes, I do.
I'll disable it and/or test the setup in a fresh install to see if it
is the source of the problem.
Thanks for the hint.
> To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMY5miexpX%3DjD4LsuhKRzAuipS83i8iYvg-uY_N6qfZfesQbJQ%40mail.gmail.com.
I'll disable it and/or test the setup in a fresh install to see if it
is the source of the problem.
Thanks for the hint.
Alberto Cabello Sánchez
Feb 21, 2018, 9:14:24 AM2/21/18
to cas-...@apereo.org
> Do you hace mod_auth_cas installed
I just disabled mod_auth_cas and the error is still appearing.
I will test it in a fresh install, though.
Reply all
Reply to author
Forward
0 new messages