Invalid type of authentication source 'ldap-example'

Seitan

Aug 20, 2015, 3:47:39 AM
to simpleSAMLphp
Hello groups,
I'm trying to add simplesaml authentication with the LDAP module to an owncloud system.
While testing the authentication source "ldap-example" passes without any problems, I'm getting a strange error while trying to authenticate via the owncloud saml module.
The error states that:

SimpleSAML_Error_Error: UNHANDLEDEXCEPTION

Caused by: SimpleSAML_Error_Exception: Invalid type of authentication source 'ldap-example'. Was 'sspmod_ldap_Auth_Source_LDAP', should be 'sspmod_saml_Auth_Source_SP'.

Could you please point me in the direction I should look?
Thank you.

Jaime Perez Crespo

Aug 26, 2015, 12:55:31 PM
to simple...@googlegroups.com
Hi,

I’m afraid there’s something that you are doing that doesn’t make sense.

If you’ve set up a SimpleSAMLphp instance with an LDAP authentication source, I’m assuming your SSP instance is the IdP (the one authenticating the user). However, the only case when you can get that error is when you receive a SAML response and the AssertionConsumerService URL has an auth source identifier that’s not a SAML auth source (which is completely logical, that’s the SAML AssertionConsumerService, so the auth source used must be a SAML one!).

So if you have the IdP, why are you receiving a SAML response message from owncloud into your AssertionConsumerService endpoint?
--
Jaime Pérez
UNINETT / Feide
mail: jaime...@uninett.no
xmpp: ja...@jabber.uninett.no

"Two roads diverged in a wood, and I, I took the one less traveled by, and that has made all the difference."
- Robert Frost

Seitan

Aug 28, 2015, 5:05:15 AM
to simpleSAMLphp
You are right, I am lost somewhere.
The thing is that simplesamlphp is installed on a different machine.
The owncloud user_saml module requires simplesamlphp to be included in the module path.
So I've installed a second simplesamlphp next to owncloud and configured authsources.php:

'sp1' => array(
        'saml:SP',
        'entityID' => 'owoncloud',
        'idp' => 'http://saml.server.cm/',
),

And saml20-idp-remote.php:

$metadata['http://saml.server.com/'] = array(
        'SingleSignOnService'  => 'http://saml.server.com/saml2/idp/SSOService.php',
        'SingleLogoutService'  => 'http://saml.server.comsaml2/idp/SingleLogoutService.php',
        'certFingerprint' => 'xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:x',
);

Plus configured saml20-sp-remote.php on saml.example.com server:

$metadata['owncloud'] = array(
        'AssertionConsumerService' => 'http://saml.server.com/module.php/saml/sp/saml2-acs.php/ldap-example',
        'SingleLogoutService' => 'http://saml.server.com/module.php/saml/sp/saml2-logout.php/ldap-example',
        'certFingerprint' => 'xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx',
);

So, where did I go wrong? Thank you.
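
The check Jaime describes (the auth source identifier at the end of the AssertionConsumerService URL must be a SAML auth source), as an added example that is not part of the thread and not SimpleSAMLphp's own code. The arrays are constructed from the configuration and error message posted above, and the function names `acsAuthSourceId` and `checkAcs` are hypothetical.

```php
<?php
// Added example (not SimpleSAMLphp code). Arrays are constructed to mirror
// the configuration quoted in this thread.

// Assumed authsources.php on the host named in the ACS URL (saml.server.com):
// the error message shows 'ldap-example' is an LDAP source there.
$authsources = array(
    'ldap-example' => array('ldap:LDAP'),
);

// saml20-sp-remote.php entry as posted (single ACS URL given as a string).
$spRemote = array(
    'owncloud' => array(
        'AssertionConsumerService' =>
            'http://saml.server.com/module.php/saml/sp/saml2-acs.php/ldap-example',
    ),
);

// Extract the auth source id that follows saml2-acs.php/ in the URL path.
function acsAuthSourceId($acsUrl)
{
    $path = (string) parse_url($acsUrl, PHP_URL_PATH);
    $marker = '/saml2-acs.php/';
    $pos = strpos($path, $marker);
    if ($pos === false) {
        return null;
    }
    $id = substr($path, $pos + strlen($marker));
    return ($id === false || $id === '') ? null : $id;
}

// Return one message per SP entry whose ACS URL does not name a saml:SP source.
function checkAcs(array $spRemote, array $authsources)
{
    $problems = array();
    foreach ($spRemote as $entityId => $meta) {
        $id = acsAuthSourceId($meta['AssertionConsumerService']);
        if ($id === null) {
            $problems[] = "$entityId: no auth source id in ACS URL";
        } elseif (!isset($authsources[$id])) {
            $problems[] = "$entityId: auth source '$id' is not defined on the ACS host";
        } elseif ($authsources[$id][0] !== 'saml:SP') {
            $problems[] = "$entityId: '$id' is '{$authsources[$id][0]}', ACS needs 'saml:SP'";
        }
    }
    return $problems;
}

foreach (checkAcs($spRemote, $authsources) as $p) {
    echo $p, PHP_EOL;
}
```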