Forums | Mahara Community

Support /
auth saml - sso problems


anonymous profile picture
Account deleted
Posts: 20

04 August 2010, 5:02

Hi all,

    I am trying to set up the auth saml module and I need some help :)

    I have got simplesaml working fine outside of mahara, but when i goto maharainstall/auth/saml the redirect works to simplesaml and the to the idp but the return from the idp goes back on the simplesaml idp selection page.

    I was using the latest release, so I tried to use the older one (that the current auth saml instructions seem to match) but cant get hold of the plugin.

   Finally I installed the beta version of mahra 1.3 and the the /auth/saml link did not work error "institution for connecting user not resolved".

     Anybody have any tips on getting it working?

Thanks,

Tom

anonymous profile picture
Account deleted
Posts: 20

04 August 2010, 8:50

Quick update:

   Think I have found the cause, the return I get from the idp is not matched with a authority. Looking at the simplesaml logs I get

"Aug 04 09:34:07 simplesamlphp DEBUG [94e0941a59] Library - Session: Check if session is valid. checkauthority:default-sp thisauthority:null"

whilst in the simplesaml demo that works I get

"Aug 04 09:32:17 simplesamlphp DEBUG [d13505167d] Library - Session: Check if session is valid. checkauthority:default-sp thisauthority:default-sp isauthenticated:yes remainingtime:28800"

so need to set the authority somehow, anybody know how?


will update if I fix it.


Cheers,

Tom

anonymous profile picture
Account deleted
Posts: 20

04 August 2010, 9:24

Ok more progress...

I checked the mahara error log and found this entry

[Wed Aug 04 06:29:06 2010] [error] [client 62.252.24.130]   * ensure_sanity() at /usr/share/mahara/htdocs/init.php:80

Dont know if it was connected but the sanity check did not work in the simplesaml install. So I commented this out and now I got  a redirect back to Mahara!

However the page content is below (dont think it is a big problem).

So I hope this post helps any others who go down this path, I guess the sanity check could be removed / seen as a bug?

---------

Not Found

The page you are looking for could not be found

Institution for connecting user not resolved

--------

Cheers,

Tom

anonymous profile picture
Account deleted
Posts: 1

02 September 2010, 10:21

Did you find any solution to the "Institution for connecting user not resolved" problem?

I'm experiencing the same after configuring a Mahara institution using the SAML auth plugin. The "simplesamlphp" install works directly authenticating using an LDAP backend but login in Mahara fails with above message.

anonymous profile picture
Account deleted
Posts: 20

03 September 2010, 2:32

Hi,

      Yes, I figured it out (sorry should have posted on here). Basically the SSO was working fine. But from the returned xml from the idp I was not extracting and institution name that matches with one already in Mahara.

     I used a simplesaml example IDP (openidp.feide.no) to do the SSO which had a name of realm-rnd.feide.no so I used that as the "institution value to check against attribute"  in the SAML authentication plugin window and it worked.

 Cheers,


Tom

Joan Forcada's profile picture
Posts: 70

03 July 2019, 23:31

I have a same error:

 

Not found

The page you are looking for could not be found.

Institution for connecting user not resolved.

 

I don't understant this solution. Can you help me please?

 

Thanks in advandce.

Kristina Hoeppner's profile picture
Posts: 4717
7 results