simplesamlphp throwing error after integrating with an APP
1,069 views
Skip to first unread message
Mohamed Barry
Feb 8, 2018, 7:47:08 AM2/8/18
to SimpleSAMLphp
Anyone can help with this issue: I have simplesamlphp installed and tested successfully with my IdP and SP. when I integrated the APP following the doc (step 6) https://simplesamlphp.org/docs/1.5/simplesamlphp-sp I started getting errors I will post bellow. Here is my autoload.php:
require __DIR__.'/../vendor/autoload.php';
require_once('/var/simplesamlphp/lib/_autoload.php');
$as = new SimpleSAML_Auth_Simple ( 'default-sp' );
if ($as->isAuthenticated ()) {
//die ( 'ok' );
} else {
$param = array (
'ReturnTo' => 'http://10.128.240.181/'
);
$as->requireAuth ( $param );
}
$attributes = $as->getAttributes();
print_r($attributes);
$session = SimpleSAML_Session::getSessionFromRequest();
$session->cleanup();
Error output:
Feb 07 16:52:32 simplesamlphp WARNING [CL0a04f709] The class or interface 'SimpleSAML_Auth_Simple' is now using namespaces, please use 'SimpleSAML\Auth\Simple'.
PHP Notice: Undefined index: REQUEST_URI in /var/simplesamlphp/lib/SimpleSAML/Utils/HTTP.php on line 810
PHP Stack trace:
PHP 1. {main}() /var/www/Cachet/bootstrap/autoload.php:0
PHP 2. SimpleSAML\Auth\Simple->requireAuth() /var/www/Cachet/bootstrap/autoload.php:58
PHP 3. SimpleSAML\Auth\Simple->login() /var/simplesamlphp/lib/SimpleSAML/Auth/Simple.php:103
PHP 4. sspmod_saml_Auth_Source_SP->initLogin() /var/simplesamlphp/lib/SimpleSAML/Auth/Simple.php:161
PHP 5. sspmod_saml_Auth_Source_SP->authenticate() /var/simplesamlphp/lib/SimpleSAML/Auth/Source.php:193
PHP 6. sspmod_saml_Auth_Source_SP->startSSO() /var/simplesamlphp/modules/saml/lib/Auth/Source/SP.php:431
PHP 7. sspmod_saml_Auth_Source_SP->startSSO2() /var/simplesamlphp/modules/saml/lib/Auth/Source/SP.php:336
PHP 8. sspmod_saml_Auth_Source_SP->sendSAML2AuthnRequest() /var/simplesamlphp/modules/saml/lib/Auth/Source/SP.php:298
PHP 9. SAML2\HTTPRedirect->send() /var/simplesamlphp/modules/saml/lib/Auth/Source/SP.php:314
PHP 10. SAML2\Compat\Ssp\Container->redirect() /var/simplesamlphp/vendor/simplesamlphp/saml2/src/SAML2/HTTPRedirect.php:83
PHP 11. SimpleSAML_Utilities::redirectTrustedURL() /var/simplesamlphp/vendor/simplesamlphp/saml2/src/SAML2/Compat/Ssp/Container.php:52
PHP 12. SimpleSAML\Utils\HTTP::redirectTrustedURL() /var/simplesamlphp/lib/SimpleSAML/Utilities.php:276
PHP 13. SimpleSAML\Utils\HTTP::normalizeURL() /var/simplesamlphp/lib/SimpleSAML/Utils/HTTP.php:968
PHP 14. SimpleSAML\Utils\HTTP::getSelfURL() /var/simplesamlphp/lib/SimpleSAML/Utils/HTTP.php:889
****PHP Fatal error: Uncaught SimpleSAML_Error_UnserializableException: Unable to parse base url: http://localhost in /var/simplesamlphp/lib/SimpleSAML/Auth/Source.php:197****
Stack trace:
#0 /var/simplesamlphp/lib/SimpleSAML/Auth/Simple.php(161): SimpleSAML_Auth_Source->initLogin('http://10.128.2...', NULL, Array)
#1 /var/simplesamlphp/lib/SimpleSAML/Auth/Simple.php(103): SimpleSAML\Auth\Simple->login(Array)
#2 /var/www/Cachet/bootstrap/autoload.php(58): SimpleSAML\Auth\Simple->requireAuth(Array)
#3 {main}
thrown in /var/simplesamlphp/lib/SimpleSAML/Auth/Source.php on line 197
Anyone has an idea what could be the cause of this error ?
Tim van Dijen
Feb 8, 2018, 7:52:21 AM2/8/18
to SimpleSAMLphp
Well, the fact that you're using documentation related to an ancient version of SimpleSAML surely isn't helping...
Have a look at the latest docs: https://simplesamlphp.org/docs/stable/simplesamlphp-sp
and let us know if that helped you!
- Tim
Op donderdag 8 februari 2018 13:47:08 UTC+1 schreef Mohamed Barry:
Op donderdag 8 februari 2018 13:47:08 UTC+1 schreef Mohamed Barry:
Mohamed Barry
Feb 8, 2018, 8:10:32 AM2/8/18
to SimpleSAMLphp
Hi Tim,
Thanks for your help !
Yes, I followed the steps in the latest doc when I installed the simplesamlphp and congifured the SP and IdP. I am getting the errors below when I add the function
$as->requireAuth(); in the autoload.php file of my APP as described in the step 6 of the documentation.
The simpleSAML is working fine without the integration with my APP. here are my authsources.php and saml20-remoteidp.php if that can help to find the issue.
authsources.php
<?php
$config = array(
'default-sp' => array(
'saml:SP',
'entityID' => 'http://10.128.240.181/',
'idp' => 'http://www.okta.com/xxxxxxxxx',
),
);
saml20-remoteidp.php
<?php
$metadata['Okta Entity ID URL'] = array(
'SingleSignOnService' => 'https://domain/app/xxxxx/xxxxxxxxxx/sso/saml',
'certificate' => 'okta.pem',
//certificate should be from okta, placed in your cert/ directory
);
Pieter van der Meulen
Feb 8, 2018, 9:38:17 AM2/8/18
to simple...@googlegroups.com
Hi Mohamed,
You typically won’t put authentication code in the autoload.php. You put it where you want to start authentication of the user, or verify that the user is authenticated.
That said. the error you get reads "Unable to parse base url: http://localhost”. What did you set in your config.php for “baseurlpath”? It must end in a ‘/‘ as described in the commented version in config-templates.
Pieter.
> --
> This is a mailing list for users of SimpleSAMLphp, not a support service. If you are willing to buy commercial support, please take a look here:
>
> https://simplesamlphp.org/support
>
> Before sending your question, make sure it is related to SimpleSAMLphp, and not your web server's configuration or any other third-party software. This mailing list cannot help with software that uses SimpleSAMLphp, only regarding SimpleSAMLphp itself.
>
> Make sure to read the documentation:
>
> https://simplesamlphp.org/docs/stable/
>
> If you have an issue with SimpleSAMLphp that you cannot resolve and reading the documentation doesn't help, you are more than welcome to ask here for help. Subscribe to the list and send an email with your question. However, you will be expected to comply with some minimum, common sense standards in your questions. Please read this carefully:
>
> http://catb.org/~esr/faqs/smart-questions.html
> ---
> You received this message because you are subscribed to the Google Groups "SimpleSAMLphp" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to simplesamlph...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
You typically won’t put authentication code in the autoload.php. You put it where you want to start authentication of the user, or verify that the user is authenticated.
That said. the error you get reads "Unable to parse base url: http://localhost”. What did you set in your config.php for “baseurlpath”? It must end in a ‘/‘ as described in the commented version in config-templates.
Pieter.
> This is a mailing list for users of SimpleSAMLphp, not a support service. If you are willing to buy commercial support, please take a look here:
>
> https://simplesamlphp.org/support
>
> Before sending your question, make sure it is related to SimpleSAMLphp, and not your web server's configuration or any other third-party software. This mailing list cannot help with software that uses SimpleSAMLphp, only regarding SimpleSAMLphp itself.
>
> Make sure to read the documentation:
>
> https://simplesamlphp.org/docs/stable/
>
> If you have an issue with SimpleSAMLphp that you cannot resolve and reading the documentation doesn't help, you are more than welcome to ask here for help. Subscribe to the list and send an email with your question. However, you will be expected to comply with some minimum, common sense standards in your questions. Please read this carefully:
>
> http://catb.org/~esr/faqs/smart-questions.html
> ---
> You received this message because you are subscribed to the Google Groups "SimpleSAMLphp" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to simplesamlph...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
Mohamed Barry
Feb 8, 2018, 11:15:13 AM2/8/18
to SimpleSAMLphp
Hi there,
Thanks for the help.
Here is baseur in config.php.
$config = array(
'baseurlpath' => 'simplesaml/',
'application' => array(
'baseURL' => 'http://10.128.240.181'
),
To give more detail my APP hosted in 10.128.240.181 does not have authentication implemented in it. Is there a way to make SAML to just protecte it without having to implement authentication ?
Thanks again,
Mohamed
Reply all
Reply to author
Forward
0 new messages