Issue saml connexion and no redirection to the AssertionConsumerService
Hello we are facing an issue with the implementation of SAML Service Providers. After sending a samlRequest and authentificated well we are not redirect to the AssertionConsumerService but we are redirected to http://auth.example.com/.
Here is the metadata for the service provider:
<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
validUntil="2020-08-15T08:32:05Z"
cacheDuration="PT604800S"
entityID="JAGUARDS">
<md:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Location="http://localhost:4200/api/saml/callback"
index="1" />
</md:SPSSODescriptor>
</md:EntityDescriptor>
Here is the log:
[Thu Aug 6 11:25:20 2020] [LLNG:41] [debug] Check configuration for Lemonldap::NG::Handler::PSGI::Main
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] Get configuration 3.
Get configuration 3.
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] Lemonldap::NG::Handler::PSGI::Main: configuration is up to date
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] Get session 01d1c4264403afd179c1768b4c68c5c2dcd25032e9e5a280175ad5fb24ad0e68 from Handler::Main::Run
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] Check session validity from Handler
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] Session timeout -> 72000
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] Session _utime -> 1596707537
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] now -> 1596713121
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] Session timeoutActivityInterval -> 60
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] Session TTL = 66416
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] No URL authentication level found...
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] auth.example.com: Apply default rule
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] removing cookie
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] Cookies -> llnglanguage=fr; lemonldap=01d1c4264403afd179c1768b4c68c5c2dcd25032e9e5a280175ad5fb24ad0e68
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] CookieName -> lemonldap
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] newCookies -> llnglanguage=fr;
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] User dwho was granted to access to /saml/singleSignOn?SAMLRequest=lZJBT8IwGIbv%2Foql922lwMCGjSwQDQYTMsCDF9N1H7K4tbPtkJ9vN0cyEyV6atL2e%2Fo%2Bbzqbn8vC%0AOYHSuRQhGngYOSC4zHLxGqL97s6dImce3cw0K4uKxrU5igTea9DGibUGZezcQgpdl6C2oE45h32y%0ADtHRmIr6PrMDHpxZWRXgcVnSEcHYZ1XuN0Cfs6JIGX9DzmoZoof4fh8ny%2B0LZzwlOAhcDsOJOyKH%0AwL1NCXdZNgQ8HWckBWZHtK5hJbRhwoSIYIJdPHVxsBsMKBlTgj0yGT0j5%2BliRxo76ys0bXVCVCtB%0AJdO5poKVoKnhdBs%2Frqm9SSsljeSyQFErT2j7nuoByHUAu%2FSDoovZzO%2BjOnBFu0Yha%2Fu1dRo4G2ch%0Ay4qpXDfRbYXc9MOT%2F6WnffKisNESOPRwfza5eo1T3qDt9sYuH1JlGxsDuDXbKSZ0JZX5quDHPFFX%0Azy%2BFdMfff2H0CQ%3D%3D&RelayState=%257B%2522choosenLang%2522%253Anull%252C%2522browserLang%2522%253A%2522fr%2522%252C%2522returnUrl%2522%253A%2522%2522%257D
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] Start routing saml
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] Processing _forAuthUser
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] Cleaning pdata
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] Processing importHandlerData
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] Processing controlUrl
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] Processing code ref
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] Launching ::Password::Demo::_modifyPassword
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] Processing code ref
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] Not an issuer request /saml/singleSignOn?SAMLRequest=lZJBT8IwGIbv/oql922lwMCGjSwQDQYTMsCDF9N1H7K4tbPtkJ9vN0cyEyV6atL2e/o+bzqbn8vC
OYHSuRQhGngYOSC4zHLxGqL97s6dImce3cw0K4uKxrU5igTea9DGibUGZezcQgpdl6C2oE45h32y
DtHRmIr6PrMDHpxZWRXgcVnSEcHYZ1XuN0Cfs6JIGX9DzmoZoof4fh8ny+0LZzwlOAhcDsOJOyKH
wL1NCXdZNgQ8HWckBWZHtK5hJbRhwoSIYIJdPHVxsBsMKBlTgj0yGT0j5+liRxo76ys0bXVCVCtB
JdO5poKVoKnhdBs/rqm9SSsljeSyQFErT2j7nuoByHUAu/SDoovZzO+jOnBFu0Yha/u1dRo4G2ch
y4qpXDfRbYXc9MOT/6WnffKisNESOPRwfza5eo1T3qDt9sYuH1JlGxsDuDXbKSZ0JZX5quDHPFFX
zy+FdMfff2H0CQ==&RelayState=%7B%22choosenLang%22%3Anull%2C%22browserLang%22%3A%22fr%22%2C%22returnUrl%22%3A%22%22%7D
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] Calling autoredirect
[Thu Aug 6 11:25:21 2020] [LLNG:41] [debug] Building redirection to http://auth.example.com/
172.17.0.1 - - [06/Aug/2020:11:25:21 +0000] "POST /saml/singleSignOn?SAMLRequest=lZJBT8IwGIbv%2Foql922lwMCGjSwQDQYTMsCDF9N1H7K4tbPtkJ9vN0cyEyV6atL2e%2Fo%2Bbzqbn8vC%0AOYHSuRQhGngYOSC4zHLxGqL97s6dImce3cw0K4uKxrU5igTea9DGibUGZezcQgpdl6C2oE45h32y%0ADtHRmIr6PrMDHpxZWRXgcVnSEcHYZ1XuN0Cfs6JIGX9DzmoZoof4fh8ny%2B0LZzwlOAhcDsOJOyKH%0AwL1NCXdZNgQ8HWckBWZHtK5hJbRhwoSIYIJdPHVxsBsMKBlTgj0yGT0j5%2BliRxo76ys0bXVCVCtB%0AJdO5poKVoKnhdBs%2Frqm9SSsljeSyQFErT2j7nuoByHUAu%2FSDoovZzO%2BjOnBFu0Yha%2Fu1dRo4G2ch%0Ay4qpXDfRbYXc9MOT%2F6WnffKisNESOPRwfza5eo1T3qDt9sYuH1JlGxsDuDXbKSZ0JZX5quDHPFFX%0Azy%2BFdMfff2H0CQ%3D%3D&RelayState=%257B%2522choosenLang%2522%253Anull%252C%2522browserLang%2522%253A%2522fr%2522%252C%2522returnUrl%2522%253A%2522%2522%257D HTTP/1.1" 302 5 "http://auth.example.com:4200/login" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15"
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Check configuration for Lemonldap::NG::Handler::PSGI::Main
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Get configuration 3.
Get configuration from cache without verification.
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Lemonldap::NG::Handler::PSGI::Main: configuration is up to date
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Get session 01d1c4264403afd179c1768b4c68c5c2dcd25032e9e5a280175ad5fb24ad0e68 from Handler::Main::Run
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Check session validity from Handler
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Session timeout -> 72000
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Session _utime -> 1596707537
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] now -> 1596713121
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Session timeoutActivityInterval -> 60
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Session TTL = 66416
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] No URL authentication level found...
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] auth.example.com: Apply default rule
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] removing cookie
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Cookies -> llnglanguage=fr; lemonldap=01d1c4264403afd179c1768b4c68c5c2dcd25032e9e5a280175ad5fb24ad0e68
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] CookieName -> lemonldap
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] newCookies -> llnglanguage=fr;
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] User dwho was granted to access to /
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Start routing default route
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Processing importHandlerData
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Processing controlUrl
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Processing checkLogout
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Processing code ref
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Launching ::Password::Demo::_modifyPassword
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Calling autoredirect
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Evaluate condition 1 for module Appslist
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Evaluate condition $_auth =~ /^(LDAP|DBI|Demo)$/ for module ChangePassword
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Evaluate condition 1 for module LoginHistory
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Evaluate condition $_oidcConnectedRP for module OidcConsents
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Evaluate condition 1 for module Logout
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Check if Appslist has to be displayed
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] No URL authentication level found...
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Regexp "Sessions" match
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] No URL authentication level found...
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] Regexp "Configuration" match
[Thu Aug 6 11:25:21 2020] [LLNG:46] [debug] No URL authentication level found...
Did we do something wrong? thanks, Chris