Forums | Mahara Community

Support /
Mahara SAML not auto creating accounts


Robert Lyon's profile picture
Posts: 774

21 December 2020, 10:33

Hi Duncan,

It sounds like one of the many 'throw new AccessDeniedException()' in

https://git.mahara.org/mahara/mahara/-/blob/master/htdocs/auth/saml/lib.php

is being triggered.

but which one is causing your issue will take some trial and error.

Is there any information in your error log that could indicate which line htdocs/auth/saml/lib.php it is failing on?

You can try adding some log_debug('here'); lines in that file and see where it gets to before the fail

Cheers

Robert

Duncan Ruddock's profile picture
Posts: 9

21 December 2020, 15:55

Hi Robert,

 

Thank you for pointing me in the right direction. I applied log_debug('here'); to each exception call and found that the error was coming from the if statement on line 318:

 if (!get_config('saml_create_minimum_user')) {
                if (empty($firstname) || empty($lastname) || empty($email)) {
                    throw new AccessDeniedException(get_string('errormissinguserattributes1', 'auth.saml', get_config('sitename')));
                }

 

 log_debug($firstname);
 log_debug($lastname);
 log_debug($email);
 log_debug($attributes); 

 

I added the above  debugging to the if statement and found that $firstname and $email were reporting the correct data, but $lastname was reporting NULL. Oddly, $attributes was reporting the correct surname. I changed the name of the outgoing claim attached to the user's surname in ADFS and it is now working correctly.

 

Not really sure why this all happened but it seems to be working now, so thank you for all your help :)

 

Duncan

12 results