[Satosa-dev] usage questions?

Rainer Hoerbe rainer at hoerbe.at
Sun Sep 17 21:43:48 CEST 2017


> On 17.09.2017 at 13:39, Admin IFMSA-Sweden <admin at ifmsa.se> wrote:
> 
> 
> 
> Another question, I am trying to set up a proxy with Dynamics 365 Portal as SP and SWAMID metadata as IdP. My intention is to use SWAMID/NORDUNET discovery service for IdP discovery. We will add a web server in front of the proxy later. Our configs for SAML2SAML are at the GitHub link below, using self-signed certificates (https, metadata, frontend and backend, 4 pairs, not included), however, I cannot get any success.
> 
> Am I missing anything fundamental?

Disclaimer: I have just started using SATOSA myself. But I can share the log file of a working proxy:


[2017-09-17 05:36:33] [DEBUG]: Loaded micro services with endpoints: [<satosa.micro_services.attribute_modifications.AddStaticAttributes object at 0x7f9bcc458da0>]
[2017-09-17 05:36:48] [DEBUG]: read request data: {'SAMLRequest': 'jZJdT8IwFI ... 0f+Xkn2CQ==', 'SigAlg': 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256', 'RelayState': 'ss:mem:e490331e1e ... d20d8923', 'Signature': 'RYnkl ... Y+AxnvQ=='}
[2017-09-17 05:36:48] [DEBUG]: [urn:uuid:2285f022-6889-4d28-9c68-e46288460227] Loading state from cookie: SATOSA_STATE="_Td6WFoAAA ... AAAAARZWg=="
[2017-09-17 05:36:48] [DEBUG]: [urn:uuid:2285f022-6889-4d28-9c68-e46288460227] Routing path: Saml2/sso/redirect
[2017-09-17 05:36:48] [DEBUG]: [urn:uuid:2285f022-6889-4d28-9c68-e46288460227] Found registered endpoint: module name:'Saml2IDP', endpoint: Saml2/sso/redirect
[2017-09-17 05:36:48] [DEBUG]: [urn:uuid:2285f022-6889-4d28-9c68-e46288460227] <ns0:AuthnRequest xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion" AssertionConsumerServiceURL="https://sp5.test.portalverbund.gv.at/Shibboleth.sso/SAML2/POST" Destination="https://proxy5.test.portalverbund.gv.at/Saml2/sso/redirect" ID="_c2bdda7d359c3284143d72963bcdb8d3" IssueInstant="2017-09-17T05:36:48Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0"><ns1:Issuer>https://sp5.test.portalverbund.gv.at/sp.xml</ns1:Issuer><ns0:NameIDPolicy AllowCreate="1" /></ns0:AuthnRequest>



You seem to receive an empty request. 

- Rainer


> 
> Thanks
> 
> https://github.com/ifmsasweden/s2s
> 
> docker run -p 443:8000 -v /home/ifmsa/s2s:/opt/satosa/etc -e DATA_DIR=/opt/satosa/etc -e PROXY_PORT=8000 -e METADATA_DIR=metadata satosa/satosa
> 
> Writing metadata to 'metadata/frontend.xml'
> Writing metadata to 'metadata/backend.xml'
> [2017-09-17 10:34:03 +0000] [1] [INFO] Starting gunicorn 19.7.1
> [2017-09-17 10:34:03 +0000] [1] [INFO] Listening at: https://0.0.0.0:8000 (1)
> [2017-09-17 10:34:03 +0000] [1] [INFO] Using worker: sync
> [2017-09-17 10:34:03 +0000] [19] [INFO] Booting worker with pid: 19
> [2017-09-17 10:34:04] [INFO ]: Loading backend modules...
> [2017-09-17 10:34:23] [INFO ]: Setup backends: ['Saml2']
> [2017-09-17 10:34:23] [INFO ]: Loading frontend modules...
> [2017-09-17 10:34:23] [INFO ]: Setup frontends: ['Saml2IDP']
> [2017-09-17 10:34:23] [INFO ]: Loading micro services...
> [2017-09-17 10:34:23] [INFO ]: Loaded request micro services: []
> [2017-09-17 10:34:23] [INFO ]: Loaded response micro services: ['AddStaticAttributes']
> [2017-09-17 10:34:24] [DEBUG]: Loaded backends with endpoints: [<satosa.backends.saml2.SAMLBackend object at 0x7f8b2e900c50>]
> [2017-09-17 10:34:24] [DEBUG]: Loaded frontends with endpoints: [<satosa.frontends.saml2.SAMLFrontend object at 0x7f8b2defb940>]
> [2017-09-17 10:34:24] [DEBUG]: Loaded micro services with endpoints: [<satosa.micro_services.attribute_modifications.AddStaticAttributes object at 0x7f8b2defb780>]
> [2017-09-17 10:36:26] [DEBUG]: read request data: {}
> [2017-09-17 10:36:26] [DEBUG]: Did not find cookie named 'SATOSA_STATE' in cookie string ''
> [2017-09-17 10:36:26] [DEBUG]: [urn:uuid:cb482c60-12c8-4d3a-b954-007c7e5e7fd6] Routing path: Saml2IDP/proxy.xml
> [2017-09-17 10:36:26] [DEBUG]: [urn:uuid:cb482c60-12c8-4d3a-b954-007c7e5e7fd6] Unknown backend Saml2IDP
>> 
>> - Rainer
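
An added example, not part of the original message or of SATOSA's own code: a small triage script that groups debug-log lines in the format quoted in this thread into one record per request and flags the two symptoms visible in the failing log (an empty request and a path that is not routed). The sample log is constructed, and `triage` and `findings` are hypothetical helper names; it assumes requests are logged one after another, as with the single sync worker shown above.

```python
import re

# Constructed sample in the log format quoted in this thread (values shortened).
SAMPLE_LOG = """\
[2017-09-17 05:36:48] [DEBUG]: read request data: {'SAMLRequest': 'jZJd...', 'RelayState': 'ss:mem:e4...'}
[2017-09-17 05:36:48] [DEBUG]: [urn:uuid:aaaa] Routing path: Saml2/sso/redirect
[2017-09-17 05:36:48] [DEBUG]: [urn:uuid:aaaa] Found registered endpoint: module name:'Saml2IDP', endpoint: Saml2/sso/redirect
> [2017-09-17 10:36:26] [DEBUG]: read request data: {}
> [2017-09-17 10:36:26] [DEBUG]: [urn:uuid:bbbb] Routing path: Saml2IDP/proxy.xml
> [2017-09-17 10:36:26] [DEBUG]: [urn:uuid:bbbb] Unknown backend Saml2IDP
"""

LINE = re.compile(r"^\[(?P<ts>[^\]]+)\] \[[A-Z ]+\]: (?:\[urn:uuid:[^\]]+\] )?(?P<msg>.*)$")


def triage(log_text):
    """Group log lines into one record per request (assumes requests are not interleaved)."""
    records, current = [], None
    for raw in log_text.splitlines():
        m = LINE.match(raw.lstrip("> ").rstrip())  # tolerate mail-quoted lines
        if not m:
            continue
        msg = m.group("msg")
        if msg.startswith("read request data:"):
            # Record parameter names only; values (SAMLRequest, Signature) stay out of reports.
            names = sorted(re.findall(r"'(\w+)':", msg.split(":", 1)[1]))
            current = {"ts": m.group("ts"), "params": names, "path": None, "outcome": "not logged"}
            records.append(current)
        elif current is None:
            continue
        elif msg.startswith("Routing path:"):
            current["path"] = msg.split(":", 1)[1].strip()
        elif msg.startswith("Found registered endpoint:"):
            current["outcome"] = "routed"
        elif msg.startswith("Unknown backend"):
            current["outcome"] = "unknown backend " + msg.split()[-1]
    return records


def findings(record):
    """Flag the two symptoms visible in the failing log of this thread."""
    out = []
    if "SAMLRequest" not in record["params"]:
        out.append("no SAMLRequest parameter in request")
    if record["outcome"] != "routed":
        out.append(f"path {record['path']!r}: {record['outcome']}")
    return out


if __name__ == "__main__":
    for rec in triage(SAMPLE_LOG):
        print(rec["ts"], rec["path"], findings(rec) or "ok")
```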
