SimpleSAML PHP configuration in Wordpress


Binoy Chacko

Feb 22, 2017, 4:42:47 AM
to SimpleSAMLphp
I am using SAML miniOrange SAML 2.0 SSO

Configure Service Provider

Enter the information gathered from your Identity Provider

Identity Provider Name *:
 
IdP Entity ID or Issuer *:
 
SAML Login URL *:
 
X.509 Certificate *:
 NOTE: Format of the certificate:
-----BEGIN CERTIFICATE-----
XXXXXXXXXXXXXXXXXXXXXXXXXXX
-----END CERTIFICATE-----

 
Response Signed: Check if your IdP is signing the SAML Response. Leave checked by default.
 
Assertion Signed: Check if the IdP is signing the SAML Assertion. Leave unchecked by default.
 
   

When I click on 'Test configuration'

Metadata not found

Unable to locate metadata for 'https://devwordpress.oasishospital.org/wp-content/plugins/miniorange-saml-20-single-sign-on/'

This is most likely a configuration problem on either the service provider or identity provider.

  • If you are an user who received this error after following a link on a site, you should report this error to the owner of that site.
  • If you are a developer who is deploying a single sign-on solution, you have a problem with the metadata configuration. Verify that metadata is configured correctly on both the identity provider and service provider.
If you report this error, please also report this tracking number which makes it possible to locate your session in the logs available to the system administrator: 546e4d0c0c

Debug information

The debug information below may be of interest to the administrator / help desk:

SimpleSAML_Error_MetadataNotFound: METADATANOTFOUND('%ENTITYID%' => '\'https://devwordpress.oasishospital.org/wp-content/plugins/miniorange-saml-20-single-sign-on/\'')

Backtrace:
3 /var/simplesamlphp/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php:301 (SimpleSAML_Metadata_MetaDataStorageHandler::getMetaData)
2 /var/simplesamlphp/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php:318 (SimpleSAML_Metadata_MetaDataStorageHandler::getMetaDataConfig)
1 /var/simplesamlphp/modules/saml/lib/IdP/SAML2.php:303 (sspmod_saml_IdP_SAML2::receiveAuthnRequest)
0 /var/simplesamlphp/www/saml2/idp/SSOService.php:18 (N/A)

Report errors

Optionally enter your email address, for the administrators to be able contact you for further questions about your issue:

E-mail address: 

How to get help

This error probably is due to some unexpected behaviour or to misconfiguration of simpleSAMLphp. Contact the administrator of this login service, and send them the error message above.


Copyright © 2007-2014 Feide RnD



Any idea what is going on? Where should the metadata be put?

Jaime Perez Crespo

Feb 22, 2017, 6:20:22 AM
to simple...@googlegroups.com
Hi Binoy,

As I said previously, you need to exchange metadata between the IdP and the SP. This is all covered in the documentation.

The error you are getting is in the IdP. It’s irrelevant how you configured your SP, because the problem is in the IdP. And the IdP is telling you that it doesn’t know about your SP (the error is quite explicit: “Unable to locate metadata for YOUR_SERVICE”), most likely because you haven’t imported its metadata or because you have changed the entityID of the SP without updating it in the IdP. You need to exchange metadata between the involved parties every time you add a new entity (either IdP or SP) or modify something on one of them. In order to add the metadata of an SP to your IdP, grab the SAML metadata of the SP, copy and paste it into the “XML to SimpleSAMLphp metadata converter” in the IdP’s web interface, copy the resulting PHP code, and paste it into metadata/saml20-sp-remote.php, as described by the documentation:

https://simplesamlphp.org/docs/stable/simplesamlphp-idp#section_7

Also, remember to paste it at the end of the file, not to replace the entire file with the new contents.

Again, please, read the documentation. If you have any doubts after reading it, or you don’t understand something there, or there’s something unclear or that should be explained better, please come back here and tell us.

--
Jaime Pérez
UNINETT / Feide

jaime...@uninett.no
jaime...@protonmail.com
9A08 EA20 E062 70B4 616B 43E3 562A FE3A 6293 62C2

"Two roads diverged in a wood, and I, I took the one less traveled by, and that has made all the difference."
- Robert Frost
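
An added example, not part of the original thread and not SimpleSAMLphp's own code: a Python sketch of the metadata exchange described in the reply above. It reads an SP's SAML metadata, checks whether the IdP would recognise the issuer (entity IDs are compared as exact strings), and renders an entry to append to metadata/saml20-sp-remote.php. The sample metadata, the sp.example.org URLs and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata"}

# Constructed sample SP metadata; entityID and ACS URL are placeholders,
# not the poster's real values.
SAMPLE_SP_METADATA = """<md:EntityDescriptor
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://sp.example.org/wp-content/plugins/example-sso/">
  <md:SPSSODescriptor
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
    <md:AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sp.example.org/acs"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def parse_sp_metadata(xml_text):
    """Return (entityID, [ACS locations], NameIDFormat or None)."""
    root = ET.fromstring(xml_text)
    sp = root.find("md:SPSSODescriptor", NS)
    if sp is None:
        raise ValueError("no SPSSODescriptor: this is not SP metadata")
    acs = [e.get("Location")
           for e in sp.findall("md:AssertionConsumerService", NS)]
    if not acs:
        raise ValueError("SP metadata has no AssertionConsumerService")
    fmt = sp.findtext("md:NameIDFormat", default=None, namespaces=NS)
    return root.get("entityID"), acs, fmt.strip() if fmt else None


def idp_knows_sp(issuer, registered_entity_ids):
    """Exact string match: a missing trailing slash is a different entity."""
    return issuer in registered_entity_ids


def php_quote(value):
    """Escape a value for a single-quoted PHP string literal."""
    return "'" + value.replace("\\", "\\\\").replace("'", "\\'") + "'"


def to_sp_remote_entry(entity_id, acs, name_id_format=None):
    """Render a stanza to append to metadata/saml20-sp-remote.php."""
    lines = ["$metadata[%s] = array(" % php_quote(entity_id),
             "    'AssertionConsumerService' => %s," % php_quote(acs[0])]
    if name_id_format:
        lines.append("    'NameIDFormat' => %s," % php_quote(name_id_format))
    lines.append(");")
    return "\n".join(lines)
```

If `idp_knows_sp` returns False for the issuer the SP actually sends, the IdP answers with the "Metadata not found" page shown in the first post.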

Binoy Chacko

Feb 23, 2017, 12:35:40 PM
to SimpleSAMLphp
Thanks Jaime, for your prompt response. I will check this.

Binoy Chacko

Feb 25, 2017, 2:07:10 AM
to simple...@googlegroups.com
Thanks Jaime! Thanks for pointing out to the documentation where I was making the mistake. I did not add the metadata in the IdP. 

The Wordpress Plugin shows that the Metadata is available here
Inline image 1


And I entered the details in IdP in this file "/var/simplesamlphp/metadata/saml20-sp-remote.php"

       'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:email',
       'simplesaml.nameidattribute' => 'email',
       'simplesaml.attributes' => FALSE,
);




I get this error 


Inline image 2

When I check the apache2 'error.log' I get the following error. 

SimpleSAML_exception_handler() must be an instance of Exception, instance of Error given in /var/www/html/wp-content/plugins/saml-20-single-sign-on/saml/www/_include.php:37\nStack trace:\n#0 [internal function]: SimpleSAML_exception_handler(Object(Error))\n#1 {main}\n  thrown in /var/www/html/wp-content/plugins/saml-20-single-sign-on/saml/www/_include.php on line 37


Any idea what is going on here?








--
Best Regards

Binoy Chacko IT Support Analyst 
Tel: +971 3 713 1160 Address: PO Box 1016, Al Ain, UAE 
binoy....@oasishospital.org www.oasishospital.org

Oasis Hospital: Birthplace of Leaders for the Nation 
  