SAML2.0 remote SP metadata blank screen (Nginx)
33 views
Skip to first unread message
jond
Jun 13, 2017, 7:01:16 AM6/13/17
to SimpleSAMLphp
Hi,
I am attempting to set up Single Sign On through a remote ADFS server, using SAML2.0.
I have configured the application on nginx and SimpleSAMLphp seems to be working, as a previous build did in Apache, with much the same configuration.
This time, when I generated the content for the saml20-sp-remote.php metadata file from the federationmetadata.xml, the SimpleSAMLphp Admin page for outputting the metadata to establish the Relying Party Trust with the ADFS server, the screen is blank.
The metadata I added to saml20-idp-remote.php is outputting as expected, but this is not what I need for the Relying Party Trust!
I do not want to touch the core code to get this working- this must be a configuration issue...
My error logs are as follows, which suggest this is due to cookie parameters...I am hoping someone can help me find the solution.
Thanks in advance for any advice!
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] SimpleSAML_Error_Exception: Error 8 - Undefined index: secure
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] Backtrace:
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 10 /path/to/simplesamlphp/install/www/_include.php:84 (SimpleSAML_error_handler)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 9 /path/to/simplesamlphp/install/lib/SimpleSAML/SessionHandlerPHP.php:334 (SimpleSAML_SessionHandlerPHP::setCookie)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 8 /path/to/simplesamlphp/install/lib/SimpleSAML/Session.php:768 (SimpleSAML_Session::updateSessionCookies)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 7 /path/to/simplesamlphp/install/lib/SimpleSAML/Session.php:555 (SimpleSAML_Session::setRememberMeExpire)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 6 /path/to/simplesamlphp/install/lib/SimpleSAML/Session.php:631 (SimpleSAML_Session::doLogin)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 5 /path/to/simplesamlphp/install/lib/SimpleSAML/Auth/Source.php:224 (SimpleSAML_Auth_Source::loginCompleted)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 4 [builtin] (call_user_func)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 3 /path/to/simplesamlphp/install/lib/SimpleSAML/Auth/Source.php:145 (SimpleSAML_Auth_Source::completeAuth)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 2 /path/to/simplesamlphp/install/modules/core/lib/Auth/UserPassBase.php:266 (sspmod_core_Auth_UserPassBase::handleLogin)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 1 /path/to/simplesamlphp/install/modules/core/www/loginuserpass.php:67 (require)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 0 /path/to/simplesamlphp/install/www/module.php:137 (N/A)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] SimpleSAML_Error_Exception: Error 8 - Undefined index: lifetime
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] Backtrace:
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 10 /path/to/simplesamlphp/install/www/_include.php:84 (SimpleSAML_error_handler)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 9 /path/to/simplesamlphp/install/lib/SimpleSAML/SessionHandlerPHP.php:350 (SimpleSAML_SessionHandlerPHP::setCookie)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 8 /path/to/simplesamlphp/install/lib/SimpleSAML/Session.php:768 (SimpleSAML_Session::updateSessionCookies)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 7 /path/to/simplesamlphp/install/lib/SimpleSAML/Session.php:555 (SimpleSAML_Session::setRememberMeExpire)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 6 /path/to/simplesamlphp/install/lib/SimpleSAML/Session.php:631 (SimpleSAML_Session::doLogin)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 5 /path/to/simplesamlphp/install/lib/SimpleSAML/Auth/Source.php:224 (SimpleSAML_Auth_Source::loginCompleted)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 4 [builtin] (call_user_func)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 3 /path/to/simplesamlphp/install/lib/SimpleSAML/Auth/Source.php:145 (SimpleSAML_Auth_Source::completeAuth)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 2 /path/to/simplesamlphp/install/modules/core/lib/Auth/UserPassBase.php:266 (sspmod_core_Auth_UserPassBase::handleLogin)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 1 /path/to/simplesamlphp/install/modules/core/www/loginuserpass.php:67 (require)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 0 /path/to/simplesamlphp/install/www/module.php:137 (N/A)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] SimpleSAML_Error_Exception: Error 8 - Undefined index: path
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] Backtrace:
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 10 /path/to/simplesamlphp/install/www/_include.php:84 (SimpleSAML_error_handler)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 9 /path/to/simplesamlphp/install/lib/SimpleSAML/SessionHandlerPHP.php:351 (SimpleSAML_SessionHandlerPHP::setCookie)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 8 /path/to/simplesamlphp/install/lib/SimpleSAML/Session.php:768 (SimpleSAML_Session::updateSessionCookies)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 7 /path/to/simplesamlphp/install/lib/SimpleSAML/Session.php:555 (SimpleSAML_Session::setRememberMeExpire)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 6 /path/to/simplesamlphp/install/lib/SimpleSAML/Session.php:631 (SimpleSAML_Session::doLogin)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 5 /path/to/simplesamlphp/install/lib/SimpleSAML/Auth/Source.php:224 (SimpleSAML_Auth_Source::loginCompleted)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 4 [builtin] (call_user_func)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 3 /path/to/simplesamlphp/install/lib/SimpleSAML/Auth/Source.php:145 (SimpleSAML_Auth_Source::completeAuth)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 2 /path/to/simplesamlphp/install/modules/core/lib/Auth/UserPassBase.php:266 (sspmod_core_Auth_UserPassBase::handleLogin)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 1 /path/to/simplesamlphp/install/modules/core/www/loginuserpass.php:67 (require)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 0 /path/to/simplesamlphp/install/www/module.php:137 (N/A)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] SimpleSAML_Error_Exception: Error 8 - Undefined index: domain
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] Backtrace:
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 10 /path/to/simplesamlphp/install/www/_include.php:84 (SimpleSAML_error_handler)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 9 /path/to/simplesamlphp/install/lib/SimpleSAML/SessionHandlerPHP.php:352 (SimpleSAML_SessionHandlerPHP::setCookie)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 8 /path/to/simplesamlphp/install/lib/SimpleSAML/Session.php:768 (SimpleSAML_Session::updateSessionCookies)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 7 /path/to/simplesamlphp/install/lib/SimpleSAML/Session.php:555 (SimpleSAML_Session::setRememberMeExpire)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 6 /path/to/simplesamlphp/install/lib/SimpleSAML/Session.php:631 (SimpleSAML_Session::doLogin)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 5 /path/to/simplesamlphp/install/lib/SimpleSAML/Auth/Source.php:224 (SimpleSAML_Auth_Source::loginCompleted)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 4 [builtin] (call_user_func)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 3 /path/to/simplesamlphp/install/lib/SimpleSAML/Auth/Source.php:145 (SimpleSAML_Auth_Source::completeAuth)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 2 /path/to/simplesamlphp/install/modules/core/lib/Auth/UserPassBase.php:266 (sspmod_core_Auth_UserPassBase::handleLogin)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 1 /path/to/simplesamlphp/install/modules/core/www/loginuserpass.php:67 (require)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 0 /path/to/simplesamlphp/install/www/module.php:137 (N/A)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] SimpleSAML_Error_Exception: Error 8 - Undefined index: secure
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] Backtrace:
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 10 /path/to/simplesamlphp/install/www/_include.php:84 (SimpleSAML_error_handler)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 9 /path/to/simplesamlphp/install/lib/SimpleSAML/SessionHandlerPHP.php:353 (SimpleSAML_SessionHandlerPHP::setCookie)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 8 /path/to/simplesamlphp/install/lib/SimpleSAML/Session.php:768 (SimpleSAML_Session::updateSessionCookies)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 7 /path/to/simplesamlphp/install/lib/SimpleSAML/Session.php:555 (SimpleSAML_Session::setRememberMeExpire)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 6 /path/to/simplesamlphp/install/lib/SimpleSAML/Session.php:631 (SimpleSAML_Session::doLogin)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 5 /path/to/simplesamlphp/install/lib/SimpleSAML/Auth/Source.php:224 (SimpleSAML_Auth_Source::loginCompleted)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 4 [builtin] (call_user_func)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 3 /path/to/simplesamlphp/install/lib/SimpleSAML/Auth/Source.php:145 (SimpleSAML_Auth_Source::completeAuth)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 2 /path/to/simplesamlphp/install/modules/core/lib/Auth/UserPassBase.php:266 (sspmod_core_Auth_UserPassBase::handleLogin)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 1 /path/to/simplesamlphp/install/modules/core/www/loginuserpass.php:67 (require)
Jun 13 11:51:33 simplesamlphp ERROR [bdd2fd6c0d] 0 /path/to/simplesamlphp/install/www/module.php:137 (N/A)
Peter Schober
Jun 13, 2017, 7:04:36 AM6/13/17
to SimpleSAMLphp
* jond <jo...@frankdesignltd.co.uk> [2017-06-13 13:01]:
anywhere where those end up in your system/deployment (e.g. PHP-FPM
log, web server error logs, etc.)
-peter
> This time, when I generated the content for the saml20-sp-remote.php
> metadata file from the federationmetadata.xml, the SimpleSAMLphp
> Admin page for outputting the metadata to establish the Relying
> Party Trust with the ADFS server, the screen is blank.
Blank screen usually means a fatal PHP error, which will end up
> metadata file from the federationmetadata.xml, the SimpleSAMLphp
> Admin page for outputting the metadata to establish the Relying
> Party Trust with the ADFS server, the screen is blank.
anywhere where those end up in your system/deployment (e.g. PHP-FPM
log, web server error logs, etc.)
-peter
dev...@frankdesignltd.co.uk
Jun 13, 2017, 1:18:59 PM6/13/17
to SimpleSAMLphp, peter....@univie.ac.at
Hi,
Thanks for the advice.
Unfortunately, after adjusting the error reporting options in the server configuration (php.ini and /etc/php-fpm.d/www.conf) then scouring the nginx and fpm error logs I still cannot see what is causing the fatal error.
If the issue is not the logged errors I posted, do you have any other suggestions I could investigate?
Many thanks
Reply all
Reply to author
Forward
0 new messages