Supporting each other

Community forums

Welcome, Guest
Username: Password: Remember me
Report any technical problems you discover and discuss solutions.
  • Page:
  • 1

TOPIC:

Problems with Saml2 password protected objects. 2 years 8 months ago #7967

  • gvanbreda
  • gvanbreda's Avatar Topic Author
  • Offline
  • New Member
  • New Member
  • Posts: 3
  • Thank you received: 0
We are running 3.10 with the most recent set of patches, and when we try to access a password protected object, after we log in using our SSO, we then get shown the normal (non-SSO) login prompt.
It looks like $success is not being set around line 310 of play.php for the call to "login_processing(false)", so the conditional on line 324 fails.
Should it also be calling "login_processing2()" just after line 310 (if successful)?

Please Log in or Create an account to join the conversation.

Problems with Saml2 password protected objects. 2 years 8 months ago #7968

  • tom
  • tom's Avatar
  • Offline
  • Administrator
  • Administrator
  • Posts: 1286
  • Thank you received: 324
Sorry I took so long to answer:

I've (tried to) fix(ed) this in Octobre last year. As you can see, Line 310 is only used when using SSO or OAuth2 as an authentication method.

The problem is that the login_processing() will navigate away from this php file, so there is no use to add login_processing2() at that point. As you can see it adds a redirect URL to the session. The flow SHOULD then work as follows:

1. If you're not logged in, the login_processing() should redirect you to your sso solution, and than that will (normally) redirect back at the index.php file.
2. There login_processing2() is called
3. In index.php there is a check whether the redirect session variable exists. It's deleted and the redirection (to the play) is executed.

So, I don't know where this process goes wrong at your install. Could you enable development mode by setting $development to true (aroiund line 46) in config.php, try a login and look in the error_logs/debug.log file if you can follow the _debug messages (such as on line 308) to see what is happening?

I would not have expected the normal (non-SSO) loigin prompt to be honest, so that might be an indication that I missed something when I tried to fix this.

Also, just to be sure, we're talink about setting the sharing to Password and then using the normal play.php link to look at an LO. Correct?

If you could send me an excerpt of the debug.log, I'll see whther I can fix this.

Tom

Please Log in or Create an account to join the conversation.

Last edit: by tom.
  • Page:
  • 1
Moderators: ronmjultenJohnSmith
Time to create page: 0.045 seconds
Copyright © 2024 The Xerte Project.
Xerte logo Apereo logo OSI Logo

Search