simplesamlphp on localhost: unhandled exception

[preeti khasnis]

Dwonloaded the simplesamlphp and extracted in xampp/htdocs  and named the folder as simplesamlphp.

Made changes in the config.php- 

'baseurlpath' => 'http://localhost:80/simplesamlphp/www/',

 and in httpd-vhosts.conf 

<VirtualHost localhost:80>

  DocumentRoot "C:/xampp/htdocs/simplesamlphp"

  ServerName localhost

  ErrorLog "logs/simplesamlphp.local-error.log"

  CustomLog "logs/simplesamlphp.local-access.log" combined

  Alias /simplesamlphp "c:/xampp/htdocs/simplesamlphp/www"

  ServerAlias localhost

  <Directory "C:/xampp/htdocs/simplesamlphp">

    AllowOverride All

    Order Allow,Deny

    Allow from all

    Require all granted

  </Directory>

</VirtualHost>

opened http://localhost/simplesamlphp/www/module.php/core/frontpage_welcome.php

under configuration tab-  sanity check was fine

but under federation tab - got this error msg

SimpleSAML_Error_Error: UNHANDLEDEXCEPTION

Backtrace:
0 C:\xampp\htdocs\simplesamlphp\www\module.php:179 (N/A)
Caused by: Exception: authsources['default-sp']: The option 'idp' is not a valid string value.
Backtrace:
7 C:\xampp\htdocs\simplesamlphp\lib\SimpleSAML\Configuration.php:538 (SimpleSAML_Configuration::getString)
6 C:\xampp\htdocs\simplesamlphp\modules\saml\lib\Auth\Source\SP.php:59 (sspmod_saml_Auth_Source_SP::__construct)
5 C:\xampp\htdocs\simplesamlphp\lib\SimpleSAML\Auth\Source.php:211 (SimpleSAML_Auth_Source::parseAuthSource)
4 C:\xampp\htdocs\simplesamlphp\lib\SimpleSAML\Auth\Source.php:66 (SimpleSAML_Auth_Source::getSourcesOfType)
3 C:\xampp\htdocs\simplesamlphp\modules\saml\hooks\hook_metadata_hosted.php:11 (saml_hook_metadata_hosted)
2 C:\xampp\htdocs\simplesamlphp\lib\SimpleSAML\Module.php:194 (SimpleSAML_Module::callHooks)
1 C:\xampp\htdocs\simplesamlphp\modules\core\www\frontpage_federation.php:58 (require)
0 C:\xampp\htdocs\simplesamlphp\www\module.php:134 (N/A)

Looking forward to your help.

Thank you in advance :)

[Peter Schober]

* preeti khasnis <priya....@gmail.com> [2015-02-16 11:37]:

> Dwonloaded the simplesamlphp and extracted in xampp/htdocs and named the
> folder as simplesamlphp.
>
> Made changes in the config.php-
>
> 'baseurlpath' => 'http://localhost:80/simplesamlphp/www/',

No, baseurlpath should point to the base URL of your SSP install, so
http://localhost:80/simplesamlphp/ (if you insist on absolute paths;
and why would you include the port number when 80 is the registered
port number for HTTP anyway?).

> Alias /simplesamlphp "c:/xampp/htdocs/simplesamlphp/www"

If you have this alias set...

> opened http://localhost/simplesamlphp/www/module.php/core/frontpage_welcome.php

then you shouldn't access it at
http://localhost/simplesamlphp/www/... but
http://localhost/simplesamlphp/

> Caused by: Exception: authsources['default-sp']: The option 'idp' is not a valid string value.
> Backtrace:

Not sure, can you post your complete default-sp array here?
-peter

[preeti khasnis]

Thanks for replying Peter,

Im not saml savvy.

and hence trying to follow a few articles.

and yes, need not specify the port number 80, it can be accessed without out mentioning 80.

In the default-sp array, im not sure what the enitity-Id should be set.. :( 

default-sp looks like this as of now.. 

 'default-sp' => array(

        'saml:SP',

        // The entity ID of this SP.

        // Can be NULL/unset, in which case an entity ID is generated based on the metadata URL.

        'entityID' => 'https://localhost/simpleSAMLphp',

        // The entity ID of the IdP this should SP should contact.

        // Can be NULL/unset, in which case the user will be shown a list of available IdPs.

        'idp' => true,

        // The URL to the discovery service.

        // Can be NULL/unset, in which case a builtin discovery service will be used.

        'discoURL' => null,

Very sorry, if i sound stupid.. :(

On Monday, February 16, 2015 at 4:54:35 PM UTC+5:30, Peter Schober wrote:ault 

[Peter Schober]

* preeti khasnis <priya....@gmail.com> [2015-02-16 12:39]:

> In the default-sp array, im not sure what the enitity-Id should be set.. :(
> default-sp looks like this as of now..
>
> 'default-sp' => array(
> 'saml:SP',
>
> // The entity ID of this SP.
> // Can be NULL/unset, in which case an entity ID is generated based
> on the metadata URL.
> 'entityID' => 'https://localhost/simpleSAMLphp',
>
> // The entity ID of the IdP this should SP should contact.
> // Can be NULL/unset, in which case the user will be shown a list
> of available IdPs.
> 'idp' => true,
>
> // The URL to the discovery service.
> // Can be NULL/unset, in which case a builtin discovery service
> will be used.
> 'discoURL' => null,

OK, you don't /have/ to set entityID, as the comment above explains.
SSP will generate one for you then.
But the value you set is perfectly fine and in fact I always set
entityID to a value of my own chosing.

Setting 'idp' to true doesn't make any sense, though.
Either set it to the entityID of the IDP this SP you're setting up
should use by default, or leave it unles (or set it to null) to make
SSP generate an IDP discovery interface where subjects can pick the
IDP they want to use to log in.
(Only makes sense if you have configured more than 1 IDP in this SP,
but doesn't hurt for testing. So if in doubt, keep 'entutyID' and
'idp' and 'discoURL' all set to null or commented out.)

> Very sorry, if i sound stupid.. :(

Not stupid and no reason to apologize.
-peter

[preeti khasnis]

Thank you Peter, and Great, that error msg is gone :)

I have a few more doubts, not sure if they seem silly .

Now , under the "authentication tab"-> i click on "test configured authentication sources " - > and click on "default-sp"-> i get , this page is not available ... and the link for this page is -  "https://idp.example.org/shibboleth-idp/SSO?providerId=https%3A%2F%2Flocalhost%2FsimpleSAMLphp&shire=http%3A%2F%2Flocalhost%2Fsimplesamlphp%2Fwww%2Fmodule.php%2Fsaml%2Fsp%2Fsaml1-acs.php%2Fdefault-sp&target=_129b2c2bd5f37463373fd2ba18aac4faec089a27f9%3Ahttp%3A%2F%2Flocalhost%2Fsimplesamlphp%2Fwww%2Fmodule.php%2Fcore%2Fas_login.php%3FAuthId%3Ddefault-sp%26ReturnTo%3Dhttp%253A%252F%252Flocalhost%252Fsimplesamlphp%252Fwww%252Fmodule.php%252Fcore%252Fauthenticate.php%253Fas%253Ddefault-sp"


im not quite sure, how do i test if its working fine.

[Peter Schober]

* preeti khasnis <priya....@gmail.com> [2015-02-16 13:41]:

> I have a few more doubts, not sure if they seem silly .

Stop it, asking question about software is not stupid or silly.

> Now , under the "authentication tab"-> i click on "test configured
> authentication sources " - > and click on "default-sp"-> i get , this page
> is not available ... and the link for this page is -

> "https://idp.example.org/shibboleth-idp/SSO?...

Well, it seems you installed and configured SimpleSAMLphp as a SAML
SP. Now you're trying to log in with a SAML IDP, and what SAML IDP
would that be?
You deploy a SAML SP in order to process SAML protocol messages from a
SAML IDP. So who runs the SAML IDP? You? Someone else?
-peter

[preeti khasnis]

I assume its pingfederate.

 

and its not managed by me , its someone else.

[Peter Schober]

* preeti khasnis <priya....@gmail.com> [2015-02-16 14:21]:

> I assume its pingfederate.
>
> and its not managed by me , its someone else.

Then ask that someone else for the SAML metadata describing that SAML
IDP. Clearly it's not https://idp.example.org/whatever
Once you have that you can feed that to SSP's metadata converter (in
the admin web UI) which will generate the PHP data structures SSP
uses as internal metadata format. Add that to your SP as described in
the SSP documentation. Then re-try your test of authentication
sources.
-peter

[preeti khasnis]

I appreciate your Patience and cooperation :)

I will try that tomo, and will get back incase of doubts.

Thank you :)

[Peter Schober]

* preeti khasnis <priya....@gmail.com> [2015-02-18 11:37]:
> When i click on "federation tab " i could see the metadata for SP
> and IdP.

I thought you wanted to integrate this SimpleSAMLphp SP with an
external SAML IDP run by someone else? If so, where is that IDP's
metadata? You only sent some "localhost:80" metadata, that's certainly
not the external "pingfederate" SAML IDP you talked about.

I would have suggested to test your SAML SP with an existing,
known-to-work IDP, such as the FEIDE OpenIDP but that won't work if
your SP is only accessible from localhost (as the FEIDE OpenIDP
fetches your SP's metadata from the URL value that is the SP's
entityID, which won't work with "locahost").

Since you don't seem to have a local SAML IDP in your SSP config, and
I see no sign of you integrating the external "pingfederate" SAML IDP,
and you can't use the FEIDE OpenIDP for testing, I'm not sure what to
recommend.
You have to decide (and tell us, if you need advise) what you want
exactly you want to achieve (one thing after the other), only then can
we recommend technical steps.

> <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
> entityID="http://localhost:80/simplesamlphp/www/saml2/idp/metadata.php">

That still points to both issues I already told you to take care of:
1. The unnecessary port after the hostname
2. the simplesamlphp directlry exposed itself, when only its "www"
folder should be exposed (e.g. as "simplesamlphp" or whatever you
want)
Fix those first, by correctly setting the "baseurlpath" parameter.
That will change all of the autogenerated SSP metadata, though, so if
you exchanged that with an IDP (I cannot know) you'd have to redo
that.

> <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">

From the entityID above I would assume this should be a SAML IDP (note
the "idp" in the name) but this now only has an SPSSODescriptor,
meaning it's only acting as a SAML SP.
Did you manually set the SP's entityID to this value, instead of just
using the defaults? Where else did that value come from?

> metadata for idp- i get this error message

Metadata for what IDP specifically?

> SimpleSAML_Error_Error: METADATA
>
> Backtrace:
> 0 C:\root\xampp\htdocs\simplesamlphp\www\saml2\idp\metadata.php:204 (N/A)
> Caused by: Exception: saml20-idp-hosted/'http://localhost:80/simplesamlphp/www/saml2/idp/metadata.php': Unable to load certificate/public key from file "C:\root\xampp\htdocs\simplesamlphp/cert/server.crt".

What is unclear about that error message? Seems that metadata
references a file that doesn't exist. Why? There's the immediate
answer: Probably because you skipped some parts of setting up a SAML
IDP and did not create a keypair for your IDP first.
But that only brings us back to the question why you're trying to set
up a SAML IDP at the same time?
-peter

[preeti khasnis]

Hi Peter,

I could get the metadata, replaced that in the saml idp remote.php file, and now when i test it, i get no peer end points error msg

[preeti khasnis]

I get the login screen , when i put the credentials, i get no peer end points error msg.

[preeti khasnis]

i think thats cos im not authenticating it against AD or any other directory.. am i right?

On Thursday, February 19, 2015 at 2:58:32 PM UTC+5:30, preeti khasnis wrote:

[Peter Schober]

* preeti khasnis <priya....@gmail.com> [2015-02-19 10:43]:

> i think thats cos im not authenticating it against AD or any other
> directory.. am i right?

That has nothing to do with anything you wrote so far.
A SAML SP does not "authenticate" subjects against LDAP, that's what a
SAML IDP does and you said that's run by someone else, so not your
problem.
And what is "that" which you think is caused by missing LDAP
authentication -- the error message that you referenced a file
(server.crt) which does not exist? No, that is caused by referencing a
file which doesn't exist.
-peter

[preeti khasnis]

Hi Peter,

I got it now.. :)

Thank you very much for the explanation , i appreciate it :)

[vishal...@aksinteractive.com]

Hi 

I have installed simplesamlphp on my localhost and i have used openid for idp. I am facing an issue when i authenticate default sp i redirect me to openid and throwing this error

SimpleSAML_Error_MetadataNotFound: METADATANOTFOUND('%ENTITYID%' => '\'http://127.0.0.1/simplesaml/module.php/saml/sp/metadata.php/default-sp\'')

Backtrace:

3 /www/openidp.feide.no/simplesamlphp/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php:293 (SimpleSAML_Metadata_MetaDataStorageHandler::getMetaData)

2 /www/openidp.feide.no/simplesamlphp/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php:310 (SimpleSAML_Metadata_MetaDataStorageHandler::getMetaDataConfig)

1 /www/openidp.feide.no/simplesamlphp/modules/saml/lib/IdP/SAML2.php:296 (sspmod_saml_IdP_SAML2::receiveAuthnRequest)

0 /www/openidp.feide.no/simplesamlphp/www/saml2/idp/SSOService.php:19 (N/A)

Please help me to resolve this issue asap.

Thanks in adance

Vishal 

[Peter Schober]

* vishal...@aksinteractive.com <vishal...@aksinteractive.com> [2017-04-13 07:59]:

> I am facing an issue when i authenticate default sp i redirect me to
> openid and throwing this error

Note that nothing here has anything to do with "openid".

> SimpleSAML_Error_MetadataNotFound: METADATANOTFOUND('%ENTITYID%' =>
> '\'http://127.0.0.1/simplesaml/module.php/saml/sp/metadata.php/default-sp\'')
> Backtrace:
> 3
> /www/openidp.feide.no/simplesamlphp/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php:293

"The use of the OpenIdP is now restricted to UNINETT and it's services."
https://openidp.feide.no/

-peter

[Vishal Verma]

Hi Sir,

1) Service provider authsources.php 

 'default-sp' => array(

        'saml:SP',

        // 'privatekey' => 'server.pem',

        // 'certificate' => 'server.crt',

        // The entity ID of this SP.

        // Can be NULL/unset, in which case an entity ID is generated based on the metadata URL.

        'RelayState' => 'http://127.0.0.1/simplesaml/module.php/core/frontpage_welcome.php',

        

        'entityID' => 'http://127.0.0.1/simplesaml/module.php/saml/sp/metadata.php/default-sp',

        // The entity ID of the IdP this should SP should contact.

        // Can be NULL/unset, in which case the user will be shown a list of available IdPs.

        'idp' => 'https://saml.birdie.org/simplesamlphp/saml2/idp/metadata.php',

        // The URL to the discovery service.

        // Can be NULL/unset, in which case a builtin discovery service will be used.

        'discoURL' => null,

    ),

2)  Service provider meta/saml20-idp-remote.php

$metadata['https://saml.birdie.org/simplesamlphp/saml2/idp/metadata.php'] = array (

  'metadata-set' => 'saml20-idp-remote',

  'entityid' => 'https://saml.birdie.org/simplesamlphp/saml2/idp/metadata.php',

  'SingleSignOnService' => 

  array (

    0 => 

    array (

      'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',

      'Location' => 'https://saml.birdie.org/simplesamlphp/saml2/idp/SSOService.php',

    ),

  ),

  'SingleLogoutService' => 

  array (

    0 => 

    array (

      'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',

      'Location' => 'https://saml.birdie.org/simplesamlphp/saml2/idp/SingleLogoutService.php',

    ),

  ),

  'certData' => 'MIICVTCCAb4CCQCpQGTl6wFjFTANBgkqhkiG9w0BAQsFADBvMQswCQYDVQQGEwJTRTEQMA4GA1UECAwHVXBwc2FsYTEQMA4GA1UEBwwHVXBwc2FsYTEbMBkGA1UECgwSQmlyZGllIGdvb2dsZSBhcHBzMR8wHQYDVQQDDBZnb29nbGUtYXBwcy5iaXJkaWUub3JnMB4XDTE2MDEwODE0MzIzNVoXDTQzMDUyNTE0MzIzNVowbzELMAkGA1UEBhMCU0UxEDAOBgNVBAgMB1VwcHNhbGExEDAOBgNVBAcMB1VwcHNhbGExGzAZBgNVBAoMEkJpcmRpZSBnb29nbGUgYXBwczEfMB0GA1UEAwwWZ29vZ2xlLWFwcHMuYmlyZGllLm9yZzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvDntGjX6v3SZb/onACTqhLgMrJ6CyommeyQdIpBTx8zAThjLB3xIhs32qyTzUvk+foTzIQdqL1RExU9cSZYoq2NP5f16e1X+aBHcFrzMdHc3+K4y6ZW2PnwgEDMGdWZoibYg7tTeY6QauX4sbRtSF6IKrnmVZikDqqR1QYa8jRMCAwEAATANBgkqhkiG9w0BAQsFAAOBgQBJJDWcpFSpqtuZH1WKz5AB8vGsMq7rFiJ+9t/h90ZJabkGPVUMFEjSMkh+wP6pFa93Rv2UdcziL2WlWUcNq80asbM9EvwgbQ55wgIWwJkPUgzciN3poGkHr4WcmNmqsg6OAb0dGPy5wLZ2AoAxi+3M6t2aex4lZ5AAz+2jUmKVOQ==',

  'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',

  'contacts' => 

  array (

    0 => 

    array (

      'emailAddress' => 'in...@birdie.org',

      'contactType' => 'technical',

      'givenName' => 'Info',

    ),

  ),

); 

3) Identity Provider  metadata/saml20-sp-remote.php

$metadata['http://127.0.0.1/simplesaml/module.php/saml/sp/metadata.php/default-sp'] = array (
  'SingleLogoutService' => 
  array (
    0 => 
    array (
      'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
      'Location' => 'http://127.0.0.1/simplesaml/module.php/saml/sp/saml2-logout.php/default-sp',
    ),
  ),
  'AssertionConsumerService' => 
  array (
    0 => 
    array (
      'index' => 0,
      'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
      'Location' => 'http://127.0.0.1/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp',
    ),
    1 => 
    array (
      'index' => 1,
      'Binding' => 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post',
      'Location' => 'http://127.0.0.1/simplesaml/module.php/saml/sp/saml1-acs.php/default-sp',
    ),
    2 => 
    array (
      'index' => 2,
      'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact',
      'Location' => 'http://127.0.0.1/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp',
    ),
    3 => 
    array (
      'index' => 3,
      'Binding' => 'urn:oasis:names:tc:SAML:1.0:profiles:artifact-01',
      'Location' => 'http://127.0.0.1/simplesaml/module.php/saml/sp/saml1-acs.php/default-sp/artifact',
    ),
  ),
  'contacts' => 
  array (
    0 => 
    array (
      'emailAddress' => 'vishal...@aksinteractive.com',
      'contactType' => 'technical',
      'givenName' => 'Vishal',
    ),
  ),
);

[Jaime Perez Crespo]

I think Peter was already pretty clear in his response, but let’s try again: you CAN’T use the OpenIdP.

--
Jaime Pérez
UNINETT / Feide

jaime...@uninett.no
jaime...@protonmail.com
9A08 EA20 E062 70B4 616B 43E3 562A FE3A 6293 62C2

"Two roads diverged in a wood, and I, I took the one less traveled by, and that has made all the difference."
- Robert Frost

[Vishal Verma]

Hi Sir,

Thanks for your quick response. Now i am using SAML as a service poriver on localhost. Here is localhost SAML url "http://127.0.0.1/simplesaml/module.php/core/frontpage_welcome.php" and  as a identity provider on other domain. Here is the  "https://saml.birdie.org/simplesamlphp/module.php/core/frontpage_welcome.php".  I am facing some issue and i have some query. Please help me 

.

Identity Provider :

Servicer Provider:

When test service provider its redirect me to https://saml.birdie.org/simplesamlphp/saml2/idp/SSOService.php?SAMLRequest=lZJBb%2BIwEIX%2FSuR74iSEBCxAoqDVIrEtauge9lKZ2CmWHDvrmey2%2F77GUIn2gFT5NjPvmzdPngHvdM%2BWAx7No%2Fw7SMDotdMGWGjMyeAMsxwUMMM7CQwbVi9%2FbVmepKx3Fm1jNbmS3FZwAOlQWUOizXpOng%2BiLcdlURXTvDyMpxUv27KZjovJZNxkBR%2B1IsvLNs35hES%2FpQOvnBMP8nKAQW4MIDfoS2lWxWkRZ6N9NmJpzkbVHxKt%2FTXKcAyqI2IPjNKTyeSgnFAyse6Fgup6LcO1xz50c6pET%2Bv6oZbun2pk4hskWn5YX1kDQyfdpfv0uD3DPTvLqyT1L7ui0s6KQQdIoFO4bIl5A6EqZMsHjTH4LbtLpHfKCGVebqd5OA8B%2B7nf7%2BLdQ70ni9mJzUI6bvFNW51ELjjyL65m9Jo5O%2F%2BYe%2B9ms95ZrZq36Id1HcfbZk8VJeI2jDJ03ICSBn2wWtv%2FKyc5yjlBN0hCF%2BeVn%2F%2Fl4h0%3D&RelayState=http%3A%2F%2F127.0.0.1%2Fsimplesaml%2Fmodule.php%2Fcore%2Fauthenticate.php%3Fas%3Ddefault-sp

Thats not working. Please Help me. I am working on this from 4 days.

On Thu, Apr 13, 2017 at 5:13 PM, Peter Schober <peter....@univie.ac.at> wrote:

* vishal.verma@aksinteractive.com <vishal.verma@aksinteractive.com> [2017-04-13 07:59]:

--
You received this message because you are subscribed to a topic in the Google Groups "SimpleSAMLphp" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/simplesamlphp/6nggNoe2J6M/unsubscribe.
To unsubscribe from this group and all its topics, send an email to simplesamlphp+unsubscribe@googlegroups.com.
To post to this group, send email to simple...@googlegroups.com.
Visit this group at https://groups.google.com/group/simplesamlphp.
For more options, visit https://groups.google.com/d/optout.

--

Thanks and Regards,
Vishal Verma
PHP Developer | AKS Interactive Solutions Pvt. Ltd.
E: vishal.verma@aksinteractive.com, W: http://www.aksinteractive.com 
Land line: 011-41021254
phone: 7503733969

​

WEB DESIGN  I WEB DEVELOPMENT I  MARKETING

"This electronic transmission and any file(s) transmitted with it are confidential and proprietary of AKS INTERACTIVE (AKS). It is solely for the use of the intended recipient. Access to this email by anyone else is unauthorized. If you have received this email in error, please delete this information and notify the sender. Although this email has been scanned for all known viruses, however AKS will not be liable in any way whatsoever for any direct, indirect or consequential damages arising from the contents of this transmission. 
Any views or opinions expressed in this email are solely those of the author and not necessarily reflect the opinion of AKS".

 

"Let’s Make this World a Creative Place.”

[Vishal Verma]

Jaime Perez Crespo  have you check my query?

On Fri, Apr 14, 2017 at 3:16 PM, Vishal Verma <vishal...@aksinteractive.com> wrote:

Hi 

I am not using openid. i am using only saml on one domain as a service provider and on other domain as a identity service provider.

On Fri, Apr 14, 2017 at 3:13 PM, Jaime Perez Crespo <jaime...@uninett.no> wrote:

I think Peter was already pretty clear in his response, but let’s try again: you CAN’T use the OpenIdP.

[Vishal Verma]

Hi 

I am not using openid. i am using only saml on one domain as a service provider and on other domain as a identity service provider.

On Fri, Apr 14, 2017 at 3:13 PM, Jaime Perez Crespo <jaime...@uninett.no> wrote:

I think Peter was already pretty clear in his response, but let’s try again: you CAN’T use the OpenIdP.

> vishal.verma@aksinteractive.com

> ',
>       'contactType' => 'technical',
>       'givenName' => 'Vishal',
>     ),
>   ),
> );

--
Jaime Pérez
UNINETT / Feide

jaime...@uninett.no
jaime...@protonmail.com
9A08 EA20 E062 70B4 616B  43E3 562A FE3A 6293 62C2

"Two roads diverged in a wood, and I, I took the one less traveled by, and that has made all the difference."
- Robert Frost

--
You received this message because you are subscribed to a topic in the Google Groups "SimpleSAMLphp" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/simplesamlphp/6nggNoe2J6M/unsubscribe.
To unsubscribe from this group and all its topics, send an email to simplesamlphp+unsubscribe@googlegroups.com.
To post to this group, send email to simple...@googlegroups.com.
Visit this group at https://groups.google.com/group/simplesamlphp.
For more options, visit https://groups.google.com/d/optout.

[Jaime Perez Crespo]

Hi,

On 13 Apr 2017, at 15:03 PM, Vishal Verma <vishal...@aksinteractive.com> wrote:
> Hi Sir,
>
> Thanks for your quick response. Now i am using SAML as a service poriver on localhost. Here is localhost SAML url "http://127.0.0.1/simplesaml/module.php/core/frontpage_welcome.php" and as a identity provider on other domain. Here is the "https://saml.birdie.org/simplesamlphp/module.php/core/frontpage_welcome.php". I am facing some issue and i have some query. Please help me
> .
>
> Identity Provider :
>

> <SimpleSAMLphp installation page (1).png>
>
> Servicer Provider:
>
> <SimpleSAMLphp installation page.png>

>
>
> When test service provider its redirect me to https://saml.birdie.org/simplesamlphp/saml2/idp/SSOService.php?SAMLRequest=lZJBb%2BIwEIX%2FSuR74iSEBCxAoqDVIrEtauge9lKZ2CmWHDvrmey2%2F77GUIn2gFT5NjPvmzdPngHvdM%2BWAx7No%2Fw7SMDotdMGWGjMyeAMsxwUMMM7CQwbVi9%2FbVmepKx3Fm1jNbmS3FZwAOlQWUOizXpOng%2BiLcdlURXTvDyMpxUv27KZjovJZNxkBR%2B1IsvLNs35hES%2FpQOvnBMP8nKAQW4MIDfoS2lWxWkRZ6N9NmJpzkbVHxKt%2FTXKcAyqI2IPjNKTyeSgnFAyse6Fgup6LcO1xz50c6pET%2Bv6oZbun2pk4hskWn5YX1kDQyfdpfv0uD3DPTvLqyT1L7ui0s6KQQdIoFO4bIl5A6EqZMsHjTH4LbtLpHfKCGVebqd5OA8B%2B7nf7%2BLdQ70ni9mJzUI6bvFNW51ELjjyL65m9Jo5O%2F%2BYe%2B9ms95ZrZq36Id1HcfbZk8VJeI2jDJ03ICSBn2wWtv%2FKyc5yjlBN0hCF%2BeVn%2F%2Fl4h0%3D&RelayState=http%3A%2F%2F127.0.0.1%2Fsimplesaml%2Fmodule.php%2Fcore%2Fauthenticate.php%3Fas%3Ddefault-sp
>
> Thats not working. Please Help me. I am working on this from 4 days.

And what does “not working” mean?

[Jaime Perez Crespo]

Hi,

On 14 Apr 2017, at 11:46 AM, Vishal Verma <vishal...@aksinteractive.com> wrote:
> Hi
>

> I am not using openid. i am using only saml on one domain as a service provider and on other domain as a identity service provider.

First, openid != openidp.

Second, that’s not what you said previously:

> I have installed simplesamlphp on my localhost and i have used openid for idp. I am facing an issue when i authenticate default sp i redirect me to openid and throwing this error

>
> SimpleSAML_Error_MetadataNotFound: METADATANOTFOUND('%ENTITYID%' => '\'http://127.0.0.1/simplesaml/module.php/saml/sp/metadata.php/default-sp\'')

> Backtrace:

> 3 /www/openidp.feide.no/simplesamlphp/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php:293 (SimpleSAML_Metadata_MetaDataStorageHandler::getMetaData)
> 2 /www/openidp.feide.no/simplesamlphp/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php:310 (SimpleSAML_Metadata_MetaDataStorageHandler::getMetaDataConfig)
> 1 /www/openidp.feide.no/simplesamlphp/modules/saml/lib/IdP/SAML2.php:296 (sspmod_saml_IdP_SAML2::receiveAuthnRequest)
> 0 /www/openidp.feide.no/simplesamlphp/www/saml2/idp/SSOService.php:19 (N/A)

[Vishal Verma]

Hi Sir,

I have setup:

WordPress(WP) 4.2.2 with SAML single sign on plugin(SP), SimpleSAMLphp(SSP) v1.13(IdP)  Ldap. 

I am using this setup for:

To authenticate WP user with SSP.

The flow goes like this:

User send authentication request from WP. Request is  forwarded to SSP (claims party). SSP authenticates user with help of Ldap, sends response to  WP.  When ts redirect back to wordpress site its give this "A username was not provided".

Please help me to resolve this. I am working on saml from 6 to 7 days but still its not working properly. 

On Mon, Apr 17, 2017 at 4:17 PM, Vishal Verma <vishal...@aksinteractive.com> wrote:

Hi,

I have successfully installed simplesamlphp as a services provider and Idp provider.Now i need a help. i want to store my user data on database.

now when I login to my wordpress site its redirect me to saml login page. help me what i do next to store my user data.

On Mon, Apr 17, 2017 at 4:12 PM, Jaime Perez Crespo <jaime...@uninett.no> wrote:

Hi,

[Vishal Verma]

Hi,

I have successfully installed simplesamlphp as a services provider and Idp provider.Now i need a help. i want to store my user data on database.

now when I login to my wordpress site its redirect me to saml login page. help me what i do next to store my user data.

On Mon, Apr 17, 2017 at 4:12 PM, Jaime Perez Crespo <jaime...@uninett.no> wrote:

Hi,

--
You received this message because you are subscribed to a topic in the Google Groups "SimpleSAMLphp" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/simplesamlphp/6nggNoe2J6M/unsubscribe.
To unsubscribe from this group and all its topics, send an email to simplesamlphp+unsubscribe@googlegroups.com.
To post to this group, send email to simple...@googlegroups.com.
Visit this group at https://groups.google.com/group/simplesamlphp.
For more options, visit https://groups.google.com/d/optout.

[Dubravko Voncina]

Your Identity Provider doesn't appear to have any Service Providers registered. Are you sure that your IdP web server has the read permission on file ../metadata/saml20-sp-remote.php?

Dubravko Voncina
Middleware and Data Services Department
University of Zagreb, University Computing Centre, www.srce.unizg.hr
dubravko...@srce.hr, tel: +385 98 219273, fax: +385 1 6165559

You received this message because you are subscribed to the Google Groups "SimpleSAMLphp" group.
To unsubscribe from this group and stop receiving emails from it, send an email to simplesamlph...@googlegroups.com.

[Jaime Perez Crespo]

Hi,

On 18 Apr 2017, at 08:56 AM, Vishal Verma <vishal...@aksinteractive.com> wrote:
> Hi Sir,
>
> I have setup:
>
> WordPress(WP) 4.2.2 with SAML single sign on plugin(SP), SimpleSAMLphp(SSP) v1.13(IdP) Ldap.

First of all, you should *always* use the latest version of the software. Currently, the latest stable version is 1.14.12. Plenty of bugs and security issues have been fixed since the version you are using was released.

> I am using this setup for:
>
> To authenticate WP user with SSP.
>
> The flow goes like this:
>
> User send authentication request from WP. Request is forwarded to SSP (claims party). SSP authenticates user with help of Ldap, sends response to WP. When ts redirect back to wordpress site its give this "A username was not provided”.

This is a Wordpress error, not a SimpleSAMLphp error, so you should ask in the appropriate forum.

My guess would be that you are not sending the attributes that Wordpress needs (from the IdP to the SP), but it’s really not up to us to tell, specially not with so little information.

> Please help me to resolve this. I am working on saml from 6 to 7 days but still its not working properly.

I’m sorry if this sounds crude, as that’s not my intention at all, but it’s your own fault. You need to start reading the documentation and asking the right questions in the right places. So far, we’ve seen plenty of messages from you here, mostly as replies to old threads instead of starting your own one, and none of them describing the same problem, usually without any error messages, log traces or actual explanations of what you are trying to do and/or what’s wrong.

We are glad to help, but we can’t help you out if you don’t allow us. So:

- Read the documentation. If something is unclear, come here and ask, preferably without replying to a several-years old, unrelated message.
- Try to setup what you want following the documentation. If something doesn’t work as expected, come here and ask, providing:

- Detailed explanations of what you are trying to do.
- Detailed explanations of what you expect.
- Detailed explanations of what you get.
- Log traces.
- Details on your setup.
- Error messages.

If you follow those simple steps, you’ll have things up and running pretty fast, and you’ll stop wasting your time (and ours).