The following error occurs while linking with aws sso in local
```
2022-08-05 15:37:23,402 - WARNING - tornado.access - [web.py:2271 - log_request() ] - 403 GET /api/v2/user_profile (::1) 377.89ms
{"asctime": "2022-08-05T15:37:23Z+0900", "name": "consoleme", "processName": "MainProcess", "filename": "exceptions.py", "funcName": "__init__", "levelname": "ERROR", "lineno": 14, "module": "exceptions", "threadName": "MainThread", "message": "Unable to authenticate the user by SAML. Redirecting to authentication endpoint", "eventTime": "2022-08-04T23:36:13.551503-07:00", "hostname": "", "timestamp": "2022-08-05T15:37:23Z+0900"}
{"asctime": "2022-08-05T15:37:23Z+0900", "name": "consoleme", "processName": "MainProcess", "filename": "saml.py", "funcName": "authenticate_user_by_saml", "levelname": "ERROR", "lineno": 70, "module": "saml", "threadName": "MainThread", "message": null, "function": "consoleme.lib.saml.authenticate_user_by_saml", "error": "SAML Response not found, Only supported HTTP_POST Binding", "eventTime": "2022-08-04T23:36:13.551503-07:00", "hostname": "", "timestamp": "2022-08-05T15:37:23Z+0900"}
```
my saml config
```yaml
# Warning: The following configuration file is an example, and it is insecure by default. Please carefully
# review and change values accordingly before deploying to a production environment. You are responsible
# for your deployment.
extends:
  - example_config_base.yaml
  - example_secrets.yaml

auth:
  get_user_by_saml: true
  set_auth_cookie: true
  force_redirect_to_identity_provider: false

get_user_by_saml_settings:
  idp_metadata_url: https://portal.sso.ap-northeast-2.amazonaws.com/saml/metadata/************
  saml_path: example_config/saml_examples
  jwt:
    expiration_hours: 1
    email_key: email
    groups_key: groups
  attributes:
    user: user
    groups: groups
    email: email
  saml_settings:
    debug: true
    # idp:
    #   entityId: https://portal.sso.ap-northeast-2.amazonaws.com/saml/assertion/*********
    #   singleLogoutService:
    #     binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
    #     url: https://portal.sso.ap-northeast-2.amazonaws.com/saml/logout/************
    #   singleSignOnService:
    #     binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
    #     url: https://portal.sso.ap-northeast-2.amazonaws.com/saml/assertion/**********
    #   x509cert: ********************
    sp:
      NameIDFormat: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
      assertionConsumerService:
        binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
        url: http://127.0.0.1:8081/saml/acs
      entityId: http://127.0.0.1:8081
      singleLogoutService:
        binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
        url: http://127.0.0.1:8081/saml/sls
    strict: false
    support:
      emailAddress: [email protected]
      givenName: support_name
    technical:
      emailAddress: [email protected]
      givenName: technical_name
    # security:
    #   authnRequestsSigned: true
    #   digestAlgorithm: http://www.w3.org/2000/09/xmldsig#sha1
    #   logoutRequestSigned: true
    #   logoutResponseSigned: true
    #   nameIdEncrypted: true
    #   signMetadata: true
    #   signatureAlgorithm: http://www.w3.org/2000/09/xmldsig#rsa-sha1
    #   wantAssertionsEncrypted: true
    #   wantAssertionsSigned: true
    #   wantMessagesSigned: true
    #   wantNameId: true
    #   wantNameIdEncrypted: false

url: http://127.0.0.1:8081
```
```
http://127.0.0.1:3000/auth?redirect_url=http://127.0.0.1:3000 403 Forbidden
http://127.0.0.1:3000/api/v2/user_profile. 403 Forbidden
```
If you remove the start url in aws sso, it will temporarily work, but you will get the above error again
consoleme <-> aws sso <-> ldp
When analyzed by saml tracer, consoleme requests data with get instead of post
```
GET https://portal.sso.ap-northeast-2.amazonaws.com/saml/assertion/MzU3ODM2OTI0MzAzX2lucy0yOTgzNzE0YmE4YTE5YjVi?SAMLRequest=fVNdb9owFH3vr4jynsT5GB8WIGXANqRCIkirsZfJdS4lU2JntlMgv352oC2VOvJi%2Bfqec%2B8592YkSVXWO************** HTTP/1.1
```
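To see what a `SAMLRequest` captured in a SAML-tracer GET carries, here is an added example (not ConsoleMe code and not part of the original comments) that decodes an HTTP-Redirect binding request and reports the ACS URL and response binding it asks the IdP to use. The function names, the size limit and the sample request are constructed for illustration; the ACS URL is the one from the config above.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlencode, urlsplit

SAMLP_NS = "urn:oasis:names:tc:SAML:2.0:protocol"
POST_BINDING = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
MAX_XML_BYTES = 64 * 1024  # assumed cap so a hostile capture cannot inflate unbounded

def decode_redirect_request(url):
    """Return the XML bytes carried in an HTTP-Redirect binding SAMLRequest."""
    query = parse_qs(urlsplit(url).query)
    if "SAMLRequest" not in query:
        raise ValueError("no SAMLRequest parameter in URL")
    raw = base64.b64decode(query["SAMLRequest"][0])
    # The Redirect binding uses raw DEFLATE (no zlib header), hence wbits=-15.
    inflater = zlib.decompressobj(-15)
    xml = inflater.decompress(raw, MAX_XML_BYTES)
    if inflater.unconsumed_tail:
        raise ValueError("decoded request exceeds size limit")
    if b"<!DOCTYPE" in xml:
        raise ValueError("DOCTYPE not allowed in a SAML message")
    return xml

def inspect_authn_request(url, expected_acs):
    """Summarise where the SP asked the IdP to deliver the SAMLResponse."""
    root = ET.fromstring(decode_redirect_request(url))
    if root.tag != f"{{{SAMLP_NS}}}AuthnRequest":
        raise ValueError(f"unexpected root element {root.tag}")
    acs = root.get("AssertionConsumerServiceURL")
    binding = root.get("ProtocolBinding")
    return {
        "acs_url": acs,
        "response_binding": binding,
        "acs_matches_config": acs == expected_acs,
        "response_via_post": binding == POST_BINDING,
    }

def build_sample_url():
    """Constructed sample request; the host and path are placeholders."""
    xml = (
        f'<samlp:AuthnRequest xmlns:samlp="{SAMLP_NS}" ID="_constructed" '
        f'Version="2.0" ProtocolBinding="{POST_BINDING}" '
        'AssertionConsumerServiceURL="http://127.0.0.1:8081/saml/acs"/>'
    )
    comp = zlib.compressobj(wbits=-15)
    deflated = comp.compress(xml.encode()) + comp.flush()
    token = base64.b64encode(deflated).decode()
    return "https://idp.example.invalid/saml/assertion/PLACEHOLDER?" + urlencode({"SAMLRequest": token})

if __name__ == "__main__":
    print(inspect_authn_request(build_sample_url(), "http://127.0.0.1:8081/saml/acs"))
```

Pass the full URL from the capture as the first argument and the `sp.assertionConsumerService.url` value from the config as the second.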