Simplesamlphp custom web application redirect issue
87 views
Skip to first unread message
Tanveer Qazi
Apr 4, 2018, 2:07:42 AM4/4/18
to simple...@googlegroups.com
Hello All,
Q.1 I follow the above link and I able to redirect to IdP from my web application and after sucessfully authenticated by IdP it redirected to my SP url but at that time it shows me error
SimpleSAML_Error_Error: UNHANDLEDEXCEPTION
Backtrace:
1 www/_include.php:45 (SimpleSAML_exception_handler)
0 [builtin] (N/A)
Caused by: SimpleSAML_Error_Exception: The issuer of the response does not match to the identity provider we sent the request to.
Backtrace:
1 modules/saml/www/sp/saml2-acs.php:103 (require)
0 www/module.php:135 (N/A)
Q.2 I want after coming to my service provider It will redirect to my website.
Peter Schober
Apr 4, 2018, 7:18:39 AM4/4/18
to simple...@googlegroups.com
* Tanveer Qazi <tanvee...@gmail.com> [2018-04-04 08:07]:
What is the entityID you configured for the IDP in SimpleSAMLphp?
What is the Issuer in the SAML Assertion you got back from the IDP?
-peter
> Caused by: SimpleSAML_Error_Exception: The issuer of the response does not
> match to the identity provider we sent the request to.
What is the entityID of the IDP (as far as the IDP is concerned)?
> match to the identity provider we sent the request to.
What is the entityID you configured for the IDP in SimpleSAMLphp?
What is the Issuer in the SAML Assertion you got back from the IDP?
-peter
Tanveer Qazi
Apr 4, 2018, 8:14:25 AM4/4/18
to simple...@googlegroups.com
What is the entityID of the IDP (as far as the IDP is concerned)?
What is the entityID you configured for the IDP in SimpleSAMLphp?
What is the Issuer in the SAML Assertion you got back from the IDP?
--
This is a mailing list for users of SimpleSAMLphp, not a support service. If you are willing to buy commercial support, please take a look here:
https://simplesamlphp.org/support
Before sending your question, make sure it is related to SimpleSAMLphp, and not your web server's configuration or any other third-party software. This mailing list cannot help with software that uses SimpleSAMLphp, only regarding SimpleSAMLphp itself.
Make sure to read the documentation:
https://simplesamlphp.org/docs/stable/
If you have an issue with SimpleSAMLphp that you cannot resolve and reading the documentation doesn't help, you are more than welcome to ask here for help. Subscribe to the list and send an email with your question. However, you will be expected to comply with some minimum, common sense standards in your questions. Please read this carefully:
http://catb.org/~esr/faqs/smart-questions.html
---
You received this message because you are subscribed to the Google Groups "SimpleSAMLphp" group.
To unsubscribe from this group and stop receiving emails from it, send an email to simplesamlphp+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Tanveer Qazi
Apr 4, 2018, 8:47:58 AM4/4/18
to simple...@googlegroups.com
My application index.php gives this error after authentication.
Best Regards,
Tanveer QaziGujarat Forensic Sciences University
Tanveer Qazi
Apr 4, 2018, 9:30:53 AM4/4/18
to simple...@googlegroups.com
Q.1 I follow the above link and I able to redirect to IdP from my web application and after sucessfully authenticated by IdP it redirected to my SP url but at that time it shows me error
SimpleSAML_Error_Error: UNHANDLEDEXCEPTION
Backtrace:
1 www/_include.php:45 (SimpleSAML_exception_handler)
0 [builtin] (N/A)
Caused by: SimpleSAML_Error_Exception: The issuer of the response does not match to the identity provider we sent the request to.
Backtrace:
1 modules/saml/www/sp/saml2-acs.php:103 (require)
0 www/module.php:135 (N/A)
Q.2 I want after coming to my service provider It will redirect to my website.
The below url comes after saml index.php to IdP
On Wed, Apr 4, 2018 at 4:48 PM, Peter Schober <peter....@univie.ac.at> wrote:
Peter Schober
Apr 4, 2018, 9:54:46 AM4/4/18
to simple...@googlegroups.com
* Tanveer Qazi <tanvee...@gmail.com> [2018-04-04 14:48]:
just copy/past'ing the text? Text converted into pixels cannot be
read in some mail clients and it won't be found when searching the
archives. So just stop doing that when reporting problems or asking
questions.
2. There's no error of any kind to be found in that image. That's
simply a PHP array you have printed, seemingly of two attributes:
Userid and eduPersonAffiliation.
-peter
> My application index.php gives this error after authentication.
1. This is just plain text. Why make that into an image instead of
just copy/past'ing the text? Text converted into pixels cannot be
read in some mail clients and it won't be found when searching the
archives. So just stop doing that when reporting problems or asking
questions.
2. There's no error of any kind to be found in that image. That's
simply a PHP array you have printed, seemingly of two attributes:
Userid and eduPersonAffiliation.
-peter
Peter Schober
Apr 4, 2018, 9:59:17 AM4/4/18
to simple...@googlegroups.com
* Tanveer Qazi <tanvee...@gmail.com> [2018-04-04 14:14]:
I guess something in your deployment and/or configuration must be off.
I'd start with separating the IDP and the SP into separate vhosts. You
can make up any hostnames you want, you simply have to add them to
your hosts file -- https://en.wikipedia.org/wiki/Hosts_(file) -- abd
have them point to e.g. the loopback interface (127.0.0.1).
(SimpleSAMLphp has some caveats when it comes to running both the IDP
and the SP in the same vhost, at least when they're using the same
cookie session storage, I think. If in doubt check the documentation.)
-peter
> What is the Issuer in the SAML Assertion you got back from the IDP?
>
> http://localhost/simplesaml2/module.php/saml/sp/saml2-acs.php/default-sp
Since SimpleSAMLphp does not by itself assert this as its own entityID
>
> http://localhost/simplesaml2/module.php/saml/sp/saml2-acs.php/default-sp
I guess something in your deployment and/or configuration must be off.
I'd start with separating the IDP and the SP into separate vhosts. You
can make up any hostnames you want, you simply have to add them to
your hosts file -- https://en.wikipedia.org/wiki/Hosts_(file) -- abd
have them point to e.g. the loopback interface (127.0.0.1).
(SimpleSAMLphp has some caveats when it comes to running both the IDP
and the SP in the same vhost, at least when they're using the same
cookie session storage, I think. If in doubt check the documentation.)
-peter
Tanveer Qazi
Apr 4, 2018, 1:19:15 PM4/4/18
to simple...@googlegroups.com
Yes I understand it is PHP array but problem is how to handle this after authentication when it back to my index.php and displace I successfully login and also want to use logout. in that page index.php.
-peter
Peter Schober
Apr 4, 2018, 1:57:36 PM4/4/18
to simple...@googlegroups.com
* Tanveer Qazi <tanvee...@gmail.com> [2018-04-04 19:19]:
The printed PHP array means that the IDP has successfully returned
these attributes (and with the values printed). That's usually all
people care about.
Of course that's not the end of what the code can do, so check the
documentation for the API:
https://simplesamlphp.org/docs/stable/saml:sp#section_3
https://simplesamlphp.org/docs/stable/simplesamlphp-sp-api
-peter
> Yes I understand it is PHP array but problem is how to handle this after
> authentication when it back to my index.php and displace I successfully
> login and also want to use logout. in that page index.php.
I have no idea what it is that you want.
> authentication when it back to my index.php and displace I successfully
> login and also want to use logout. in that page index.php.
The printed PHP array means that the IDP has successfully returned
these attributes (and with the values printed). That's usually all
people care about.
Of course that's not the end of what the code can do, so check the
documentation for the API:
https://simplesamlphp.org/docs/stable/saml:sp#section_3
https://simplesamlphp.org/docs/stable/simplesamlphp-sp-api
-peter
Tanveer Qazi
Apr 4, 2018, 3:01:06 PM4/4/18
to simple...@googlegroups.com
Thanks peter for help and response.
-peter
jimn...@jimbowho.com
May 20, 2018, 6:14:18 PM5/20/18
to SimpleSAMLphp
Reply all
Reply to author
Forward
0 new messages