v2.0.4 integrated with Google Workspace


Vince DeRusso

Jul 21, 2023, 10:43:27 AM
to SimpleSAMLphp
I've followed the directions in the documentation "Setting up a SimpleSAMLphp SAML 2.0 IdP to use with Google Workspace for Education". The problem is that the documentation isn't correct for the example URL for singlesignonservice. That is the old format. The new one is way different. I'm able to authenticate and log in to Google through 2.0.4 just fine. But the problem I'm having is trying to figure out what the singlesignout service would be. In v1.19.7, the sign-out URL you enter in Google Workspace is ../simplesaml/saml2/idp/initSLO.php?RelayState=/simplesaml/logout.php. In v2.0.4, that file doesn't exist anymore. So, when you log out, it just gives you a file not found message. The logout from the metadata file on 2.0.4 says it's going to ../simplesaml/module.php/saml/idp/singleLogout. I saw on Slack that someone said to add ?ReturnTo= to the end of that, but nothing about what was supposed to be added. So, I'm not sure what needs to happen in either SimpleSAMLphp or what needs to be added to successfully log out without an error message. I'm hoping someone has come up with a fix to this. Thank you.

Tim van Dijen

Jul 24, 2023, 7:26:54 AM
to SimpleSAMLphp
Hi Vince,

I believe the correct URL to enter in Google Workspace is: /simplesaml/module.php/saml/idp/initSingleLogout?RelayState=/simplesaml/module.php/saml/idp/singleLogout

- Tim

On Friday, July 21, 2023 at 16:43:27 UTC+2, vjd...@gmail.com wrote:

Vince DeRusso

Jul 24, 2023, 10:37:21 AM
to SimpleSAMLphp
Thanks. When I try using that link, I get the following:
SimpleSAML\Error\Error: UNHANDLEDEXCEPTION
Backtrace:
2 public/_include.php:28 (SimpleSAML_exception_handler)
1 vendor/symfony/error-handler/ErrorHandler.php:607 (Symfony\Component\ErrorHandler\ErrorHandler::handleException)
0 [builtin] (N/A)
Caused by: SAML2\Exception\Protocol\UnsupportedBindingException: Unable to find the SAML 2 binding used for this request.
Backtrace:
5 vendor/simplesamlphp/saml2/src/SAML2/Binding.php:117 (SAML2\Binding::getCurrentBinding)
4 modules/saml/src/IdP/SAML2.php:621 (SimpleSAML\Module\saml\IdP\SAML2::receiveLogoutMessage)
3 [builtin] (call_user_func_array)
2 src/SimpleSAML/HTTP/RunnableResponse.php:72 (SimpleSAML\HTTP\RunnableResponse::sendContent)
1 vendor/symfony/http-foundation/Response.php:394 (Symfony\Component\HttpFoundation\Response::send)
0 public/module.php:14 (N/A)

Not sure what that error is relating to, but the one thing I didn't change when testing was the sign-on URL from what it was in 1.19.7, which is /simplesaml/saml2/idp/SSOService.php. Does that error have something to do with that, and do I need to change that to what the metadata says to use for the singlesignon URL?
