SAML module Lasso error code -501
Affected version
Version: lemonldap-ng 2.16.1 (from official debian packages)
Platform: debian 12 / nginx 1.22.1 / perl 5.36.0 / liblasso 2.8.1
Summary
Following the firsts steps for SAML service configuration
Activating SAML module via General Parameters » Issuer modules » SAML » Activation: set to On
Authentication portal go down, printing "Internal Server Error"
Manager interface is still working properly
Logs
Each time the authentication page is reloaded, a new process is started and the sequence lead to the same lasso error.
Jul 03 09:46:51 ************* LLNG[215]: [debug] Logger Lemonldap::NG::Common::Logger::Syslog loaded
Jul 03 09:46:51 ************* LLNG[215]: [debug] User logger Lemonldap::NG::Common::Logger::Syslog loaded
Jul 03 09:46:51 ************* LLNG[215]: [debug] Check configuration for Lemonldap::NG::Handler::PSGI::Main
Jul 03 09:46:51 ************* LLNG[215]: [debug] Lemonldap::NG::Common::Conf::Backends::File loaded.
Configuration unchanged, get configuration from cache.
Jul 03 09:46:51 ************* LLNG[215]: [debug] Get configuration 13 aged 1688135511
Jul 03 09:46:51 ************* LLNG[215]: [info] Loading configuration 13 for process 215
Jul 03 09:46:51 ************* LLNG[215]: [debug] Process 215 calls defaultValuesInit
Jul 03 09:46:51 ************* LLNG[215]: [debug] Options https for vhost auth.*********.com: 1
Jul 03 09:46:51 ************* LLNG[215]: [debug] Options https for vhost manager.*********.com: 1
Jul 03 09:46:51 ************* LLNG[215]: [debug] Process 215 calls jailInit
Jul 03 09:46:51 ************* LLNG[215]: [debug] Process 215 calls portalInit
Jul 03 09:46:51 ************* LLNG[215]: [debug] Process 215 calls locationRulesInit
Jul 03 09:46:51 ************* LLNG[215]: [debug] Process 215 calls sessionStorageInit
Jul 03 09:46:51 ************* LLNG[215]: [debug] Process 215 calls headersInit
Jul 03 09:46:51 ************* LLNG[215]: [debug] Process 215 calls postUrlInit
Jul 03 09:46:51 ************* LLNG[215]: [debug] Process 215 calls aliasInit
Jul 03 09:46:51 ************* LLNG[215]: [debug] Process 215 calls oauth2Init
Jul 03 09:46:51 ************* LLNG[215]: [debug] Launching Lemonldap::NG::Handler::FastCGI::Loader->loadCustomHandlers(conf)
Jul 03 09:46:51 ************* LLNG[215]: [debug] Launching Lemonldap::NG::Portal::Main->reloadConf(conf)
Jul 03 09:46:51 ************* LLNG[215]: [debug] Declaring unauth route
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add GET route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route * added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Declaring unauth route
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add POST route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route * added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Declaring auth route
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add GET route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route * added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Declaring auth route
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add POST route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route * added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Declaring unauth route
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add GET route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route psgi.js added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Declaring auth route
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add GET route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route psgi.js added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Declaring unauth route
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add GET route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route portal.css added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Declaring auth route
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add GET route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route portal.css added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Declaring unauth route
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add GET route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route : added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Declaring auth route
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add GET route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route : added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Declaring unauth route
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add GET route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route ping added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Declaring auth route
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add GET route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route ping added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Declaring auth route
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add GET route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route refresh added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Declaring auth route
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add OPTIONS route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route * added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Declaring unauth route
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add OPTIONS route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route * added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Declaring auth route
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add GET route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route logout added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Declaring unauth route
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add GET route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route logout added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Initialized CSP headers : default-src 'self';img-src 'self' data:;style-src 'self';font-src 'self';connect-src
'self';script-src 'self';
Jul 03 09:46:51 ************* LLNG[215]: [debug] Initialized CORS headers : Access-Control-Allow-Origin;*;Access-Control-Allow-Credentials;true;Access-Control-
Allow-Headers;*;Access-Control-Allow-Methods;POST,GET;Access-Control-Expose-Headers;*;Access-Control-Max-Age;86400;
Jul 03 09:46:51 ************* LLNG[215]: [debug] Cookies will use SameSite=None
Jul 03 09:46:51 ************* LLNG[215]: [debug] Module Lemonldap::NG::Portal::Main::Menu loaded
Jul 03 09:46:51 ************* LLNG[215]: [debug] Plugin ::Main::Menu initialized
Jul 03 09:46:51 ************* LLNG[215]: [debug] Module Lemonldap::NG::Portal::Auth::LDAP loaded
Jul 03 09:46:51 ************* LLNG[215]: [debug] Module Lemonldap::NG::Portal::Lib::OneTimeToken loaded
Jul 03 09:46:51 ************* LLNG[215]: [debug] Try to build new LDAP connection with: ldap://******.*********.com
Jul 03 09:46:51 ************* LLNG[215]: [debug] LDAP Search base: dc=*********,dc=com
Jul 03 09:46:51 ************* LLNG[215]: [debug] LDAP transformed filter: (&(uid=".$req->{user}.")(objectClass=inetOrgPerson))
Jul 03 09:46:51 ************* LLNG[215]: [debug] Plugin ::Auth::LDAP initialized
Jul 03 09:46:51 ************* LLNG[215]: [debug] Module Lemonldap::NG::Portal::UserDB::LDAP loaded
Jul 03 09:46:51 ************* LLNG[215]: [debug] Try to build new LDAP connection with: ldap://******.*********.com
Jul 03 09:46:51 ************* LLNG[215]: [debug] LDAP Search base: dc=*********,dc=com
Jul 03 09:46:51 ************* LLNG[215]: [debug] LDAP transformed filter: (&(uid=".$req->{user}.")(objectClass=inetOrgPerson))
Jul 03 09:46:51 ************* LLNG[215]: [debug] Plugin ::UserDB::LDAP initialized
Jul 03 09:46:51 ************* LLNG[215]: [debug] Module Lemonldap::NG::Portal::2F::Engines::Default loaded
Jul 03 09:46:51 ************* LLNG[215]: [debug] Checking utotp2fActivation
Jul 03 09:46:51 ************* LLNG[215]: [debug] -> not enabled
Jul 03 09:46:51 ************* LLNG[215]: [debug] Checking totp2fActivation
Jul 03 09:46:51 ************* LLNG[215]: [debug] -> not enabled
Jul 03 09:46:51 ************* LLNG[215]: [debug] Checking u2fActivation
Jul 03 09:46:51 ************* LLNG[215]: [debug] -> not enabled
Jul 03 09:46:51 ************* LLNG[215]: [debug] Checking rest2fActivation
Jul 03 09:46:51 ************* LLNG[215]: [debug] -> not enabled
Jul 03 09:46:51 ************* LLNG[215]: [debug] Checking mail2fActivation
Jul 03 09:46:51 ************* LLNG[215]: [debug] -> not enabled
Jul 03 09:46:51 ************* LLNG[215]: [debug] Checking ext2fActivation
Jul 03 09:46:51 ************* LLNG[215]: [debug] -> not enabled
Jul 03 09:46:51 ************* LLNG[215]: [debug] Checking webauthn2fActivation
Jul 03 09:46:51 ************* LLNG[215]: [debug] -> not enabled
Jul 03 09:46:51 ************* LLNG[215]: [debug] Checking yubikey2fActivation
Jul 03 09:46:51 ************* LLNG[215]: [debug] -> not enabled
Jul 03 09:46:51 ************* LLNG[215]: [debug] Checking radius2fActivation
Jul 03 09:46:51 ************* LLNG[215]: [debug] -> not enabled
Jul 03 09:46:51 ************* LLNG[215]: [debug] Checking password2fActivation
Jul 03 09:46:51 ************* LLNG[215]: [debug] -> not enabled
Jul 03 09:46:51 ************* LLNG[215]: [debug] Checking password2fSelfRegistration
Jul 03 09:46:51 ************* LLNG[215]: [debug] -> not enabled
Jul 03 09:46:51 ************* LLNG[215]: [debug] Checking totp2fSelfRegistration
Jul 03 09:46:51 ************* LLNG[215]: [debug] -> not enabled
Jul 03 09:46:51 ************* LLNG[215]: [debug] Checking u2fSelfRegistration
Jul 03 09:46:51 ************* LLNG[215]: [debug] -> not enabled
Jul 03 09:46:51 ************* LLNG[215]: [debug] Checking webauthn2fSelfRegistration
Jul 03 09:46:51 ************* LLNG[215]: [debug] -> not enabled
Jul 03 09:46:51 ************* LLNG[215]: [debug] Checking yubikey2fSelfRegistration
Jul 03 09:46:51 ************* LLNG[215]: [debug] -> not enabled
Jul 03 09:46:51 ************* LLNG[215]: [debug] Processing Extra 2F modules
Jul 03 09:46:51 ************* LLNG[215]: [debug] Plugin ::2F::Engines::Default initialized
Jul 03 09:46:51 ************* LLNG[215]: [debug] Module Lemonldap::NG::Portal::Captcha::SecurityImage loaded
Jul 03 09:46:51 ************* LLNG[215]: [debug] Declaring unauth route
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add GET route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route renewcaptcha added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Plugin ::Captcha::SecurityImage initialized
Jul 03 09:46:51 ************* LLNG[215]: [debug] IssuerSAML enabled
Jul 03 09:46:51 ************* LLNG[215]: [debug] Module Lemonldap::NG::Portal::Issuer::SAML loaded
Jul 03 09:46:51 ************* LLNG[215]: [debug] SAML rule -> 0
Jul 03 09:46:51 ************* LLNG[215]: [debug] Declaring unauth route
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add GET route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route * added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add POST route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route * added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Declaring auth route
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add GET route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route * added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Add POST route:
Jul 03 09:46:51 ************* LLNG[215]: [debug] route * added
Jul 03 09:46:51 ************* LLNG[215]: [debug] Lasso thin-sessions flag set
Jul 03 09:46:51 ************* LLNG[215]: [debug] Certificate will be used in SAML responses
Jul 03 09:46:51 ************* LLNG[215]: [debug] Get Metadata for this service
Jul 03 09:46:51 ************* LLNG[215]: [error] Lasso error code -501: An object type provided as parameter is invalid or object is NULL.
Jul 03 09:46:52 ************* LLNG[216]: [debug] Logger Lemonldap::NG::Common::Logger::Syslog loaded
Jul 03 09:46:52 ************* LLNG[216]: [debug] User logger Lemonldap::NG::Common::Logger::Syslog loaded
Jul 03 09:46:52 ************* LLNG[216]: [debug] Check configuration for Lemonldap::NG::Handler::PSGI::Main
Jul 03 09:46:52 ************* LLNG[216]: [debug] Lemonldap::NG::Common::Conf::Backends::File loaded.
Configuration unchanged, get configuration from cache.
Jul 03 09:46:52 ************* LLNG[216]: [debug] Get configuration 13 aged 1688135511
Jul 03 09:46:52 ************* LLNG[216]: [info] Loading configuration 13 for process 216