On 17.09.2017 at 13:39, Admin IFMSA-Sweden
<admin at ifmsa.se> wrote:
Another question: I am trying to set up a proxy with Dynamics 365 Portal as SP and SWAMID
metadata as IdP. My intention is to use SWAMID/NORDUNET discovery service for IdP
discovery. We will add a web server in front of the proxy later. Our configs for SAML2SAML
are on the GitHub link below, using self-signed certificates (https, metadata, frontend and
backend, 4 pairs, not included); however, I cannot get any success.
Am I missing anything fundamental?
Disclaimer: I have just started using SATOSA myself. But I can share the log file of a
working proxy:
[2017-09-17 05:36:33] [DEBUG]: Loaded micro services with endpoints:
[<satosa.micro_services.attribute_modifications.AddStaticAttributes object at
0x7f9bcc458da0>]
[2017-09-17 05:36:48] [DEBUG]: read request data: {'SAMLRequest': 'jZJdT8IwFI ...
0f+Xkn2CQ==', 'SigAlg':
'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256', 'RelayState':
'ss:mem:e490331e1e ... d20d8923', 'Signature': 'RYnkl ...
Y+AxnvQ=='}
[2017-09-17 05:36:48] [DEBUG]: [urn:uuid:2285f022-6889-4d28-9c68-e46288460227] Loading
state from cookie: SATOSA_STATE="_Td6WFoAAA ... AAAAARZWg=="
[2017-09-17 05:36:48] [DEBUG]: [urn:uuid:2285f022-6889-4d28-9c68-e46288460227] Routing
path: Saml2/sso/redirect
[2017-09-17 05:36:48] [DEBUG]: [urn:uuid:2285f022-6889-4d28-9c68-e46288460227] Found
registered endpoint: module name:'Saml2IDP', endpoint: Saml2/sso/redirect
[2017-09-17 05:36:48] [DEBUG]: [urn:uuid:2285f022-6889-4d28-9c68-e46288460227]
<ns0:AuthnRequest xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion"
AssertionConsumerServiceURL="https://sp5.test.portalverbund.gv.at/Shibboleth.sso/SAML2/POST"
Destination="https://proxy5.test.portalverbund.gv.at/Saml2/sso/redirect"
ID="_c2bdda7d359c3284143d72963bcdb8d3"
IssueInstant="2017-09-17T05:36:48Z"
ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Version="2.0"><ns1:Issuer>https://sp5.test.portalverbund.gv.at/sp.xml</ns1:Issuer><ns0:NameIDPolicy
AllowCreate="1" /></ns0:AuthnRequest>
You seem to receive an empty request.
- Rainer
Thanks
https://github.com/ifmsasweden/s2s
docker run -p 443:8000 -v /home/ifmsa/s2s:/opt/satosa/etc -e DATA_DIR=/opt/satosa/etc -e
PROXY_PORT=8000 -e METADATA_DIR=metadata satosa/satosa
Writing metadata to 'metadata/frontend.xml'
Writing metadata to 'metadata/backend.xml'
[2017-09-17 10:34:03 +0000] [1] [INFO] Starting gunicorn 19.7.1
[2017-09-17 10:34:03 +0000] [1] [INFO] Listening at: https://0.0.0.0:8000 (1)
[2017-09-17 10:34:03 +0000] [1] [INFO] Using worker: sync
[2017-09-17 10:34:03 +0000] [19] [INFO] Booting worker with pid: 19
[2017-09-17 10:34:04] [INFO ]: Loading backend modules...
[2017-09-17 10:34:23] [INFO ]: Setup backends: ['Saml2']
[2017-09-17 10:34:23] [INFO ]: Loading frontend modules...
[2017-09-17 10:34:23] [INFO ]: Setup frontends: ['Saml2IDP']
[2017-09-17 10:34:23] [INFO ]: Loading micro services...
[2017-09-17 10:34:23] [INFO ]: Loaded request micro services: []
[2017-09-17 10:34:23] [INFO ]: Loaded response micro services:
['AddStaticAttributes']
[2017-09-17 10:34:24] [DEBUG]: Loaded backends with endpoints:
[<satosa.backends.saml2.SAMLBackend object at 0x7f8b2e900c50>]
[2017-09-17 10:34:24] [DEBUG]: Loaded frontends with endpoints:
[<satosa.frontends.saml2.SAMLFrontend object at 0x7f8b2defb940>]
[2017-09-17 10:34:24] [DEBUG]: Loaded micro services with endpoints:
[<satosa.micro_services.attribute_modifications.AddStaticAttributes object at
0x7f8b2defb780>]
[2017-09-17 10:36:26] [DEBUG]: read request data: {}
[2017-09-17 10:36:26] [DEBUG]: Did not find cookie named 'SATOSA_STATE' in cookie
string ''
[2017-09-17 10:36:26] [DEBUG]: [urn:uuid:cb482c60-12c8-4d3a-b954-007c7e5e7fd6] Routing
path: Saml2IDP/proxy.xml
[2017-09-17 10:36:26] [DEBUG]: [urn:uuid:cb482c60-12c8-4d3a-b954-007c7e5e7fd6] Unknown
backend Saml2IDP
>
> - Rainer
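
Added example, not part of the original thread and not SATOSA code: a small triage script for debug logs in the format shown above, which rejoins hard-wrapped lines and flags the three symptoms visible in the failing log (no SAML message in the request data, no `SATOSA_STATE` cookie, routing to an unknown backend). The function names `records` and `triage` are hypothetical, and the first sample request uses constructed placeholder values; the second is the failing request from the thread.

```python
import re
# A record starts with a "[YYYY-MM-DD HH:MM:SS" timestamp; other lines are wrapped continuations.
RECORD_START = re.compile(r"^\[\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}")

# First request: constructed placeholder values. Second: the failing request quoted in the thread.
SAMPLE_LOG = """\
[2017-09-17 05:36:48] [DEBUG]: read request data: {'SAMLRequest': 'CONSTRUCTED-PLACEHOLDER',
'RelayState': 'constructed'}
[2017-09-17 05:36:48] [DEBUG]: [urn:uuid:00000000-0000-0000-0000-000000000000] Routing
path: Saml2/sso/redirect
[2017-09-17 10:36:26] [DEBUG]: read request data: {}
[2017-09-17 10:36:26] [DEBUG]: Did not find cookie named 'SATOSA_STATE' in cookie
string ''
[2017-09-17 10:36:26] [DEBUG]: [urn:uuid:cb482c60-12c8-4d3a-b954-007c7e5e7fd6] Routing
path: Saml2IDP/proxy.xml
[2017-09-17 10:36:26] [DEBUG]: [urn:uuid:cb482c60-12c8-4d3a-b954-007c7e5e7fd6] Unknown
backend Saml2IDP
"""

def records(text):
    """Rejoin hard-wrapped log lines into one string per log record."""
    out = []
    for line in filter(str.strip, text.splitlines()):  # skip blank lines
        if RECORD_START.match(line) or not out:
            out.append(line.strip())
        else:
            out[-1] += " " + line.strip()
    return out

def triage(text):
    """Return one dict per request; a request starts at each 'read request data' record."""
    requests = []
    for rec in records(text):
        if m := re.search(r"read request data: (\{.*\})$", rec):
            requests.append({"path": None, "findings": []})
            if not re.search(r"'SAML(Request|Response)'", m.group(1)):
                requests[-1]["findings"].append("no SAML message in request data")
        elif not requests:
            continue  # startup records before the first request
        elif m := re.search(r"Routing path: (\S+)", rec):
            requests[-1]["path"] = m.group(1)
        elif "Did not find cookie named 'SATOSA_STATE'" in rec:
            requests[-1]["findings"].append("no SATOSA_STATE cookie")
        elif m := re.search(r"Unknown backend (\S+)", rec):
            requests[-1]["findings"].append("unknown backend " + m.group(1))
    return requests
```

A request that shows all three findings at once, as the second sample does, carried no SAML message and no state cookie, and its path did not match a registered endpoint.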