Auth::SAML should handle missing NameID
Concerned version
Version: %2.0.8
Platform: (Nginx/Apache/Node.js)
Summary
- Configure Auth::SAML
- Use a remote IDP that does not send a NameID in assertions (apparently this is permitted by SAML standard)
- Error 500 on login
Logs
*25116 FastCGI sent in stderr: "Can't call method "content" on an undefined value at /usr/share/perl5/Lemonldap/NG/Portal/Auth/SAML.pm line 298" while reading response header from upstream, client: X.X.X.X, server: auth.example.com, request: "POST /saml/proxySingleSignOnPost HTTP/1.1", upstream: "fastcgi://unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock:",
Possible fixes
- We should return a user friendly error in that case