Bug 38927 - simplesamlphp attributes aren't correctly written into config file
simplesamlphp attributes aren't correctly written into config file
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: SAML
UCS 4.0
Other Linux
: P5 normal (vote)
: UCS 4.1
Assigned To: Florian Best
Erik Damrose
: interim-1
: 34670 (view as bug list)
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2015-07-15 19:19 CEST by Florian Best
Modified: 2016-01-13 15:36 CET (History)
3 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:
best: Patch_Available+


Attachments
patch (852 bytes, patch)
2015-07-16 12:50 CEST, Florian Best
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Florian Best univentionstaff 2015-07-15 19:19:12 CEST
I tried to get the metadata of a configured identity provider by accessing:

/simplesamlphp/saml2/idp/metadata.php?idpentityid=umc

which fails with the following PHP exception:
Backtrace:
0 /usr/share/simplesamlphp/www/saml2/idp/metadata.php:163 (N/A)
Caused by: SimpleSAML_Error_MetadataNotFound: METADATANOTFOUND('%ENTITYID%' => '\'umc\'')
Backtrace:
2 /usr/share/simplesamlphp/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php:293 (SimpleSAML_Metadata_MetaDataStorageHandler::getMetaData)
1 /usr/share/simplesamlphp/lib/SimpleSAML/Metadata/MetaDataStorageHandler.php:310 (SimpleSAML_Metadata_MetaDataStorageHandler::getMetaDataConfig)
0 /usr/share/simplesamlphp/www/saml2/idp/metadata.php:20 (N/A)

Is it possible that we don't create some config files which are required by simplesamlphp?
Comment 1 Florian Best univentionstaff 2015-07-16 12:50:04 CEST
Created attachment 7030 [details]
patch

I got the following PHP stack trace from the syslog which is caused by our config file generation script:

Jul 16 12:32:25 master10 simplesamlphp[28938]: 3 [1c65461b16] SimpleSAML_Error_Exception: Error 2 - in_array() expects parameter 2 to be array, string given
Jul 16 12:32:25 master10 simplesamlphp[28938]: 3 [1c65461b16] Backtrace:
Jul 16 12:32:25 master10 simplesamlphp[28938]: 3 [1c65461b16] 11 /usr/share/simplesamlphp/www/_include.php:70 (SimpleSAML_error_handler)
Jul 16 12:32:25 master10 simplesamlphp[28938]: 3 [1c65461b16] 10 [builtin] (in_array)
Jul 16 12:32:25 master10 simplesamlphp[28938]: 3 [1c65461b16] 9 /usr/share/simplesamlphp/modules/core/lib/Auth/Process/AttributeLimit.php:100 (sspmod_core_Auth_Process_AttributeLimit::process)
Jul 16 12:32:25 master10 simplesamlphp[28938]: 3 [1c65461b16] 8 /usr/share/simplesamlphp/lib/SimpleSAML/Auth/ProcessingChain.php:195 (SimpleSAML_Auth_ProcessingChain::processState)
Jul 16 12:32:25 master10 simplesamlphp[28938]: 3 [1c65461b16] 7 /usr/share/simplesamlphp/lib/SimpleSAML/IdP.php:310 (SimpleSAML_IdP::postAuth)
Jul 16 12:32:25 master10 simplesamlphp[28938]: 3 [1c65461b16] 6 [builtin] (call_user_func)
Jul 16 12:32:25 master10 simplesamlphp[28938]: 3 [1c65461b16] 5 /usr/share/simplesamlphp/lib/SimpleSAML/Auth/Default.php:126 (SimpleSAML_Auth_Default::loginCompleted)
Jul 16 12:32:25 master10 simplesamlphp[28938]: 3 [1c65461b16] 4 [builtin] (call_user_func)
Jul 16 12:32:25 master10 simplesamlphp[28938]: 3 [1c65461b16] 3 /usr/share/simplesamlphp/lib/SimpleSAML/Auth/Source.php:140 (SimpleSAML_Auth_Source::completeAuth)
Jul 16 12:32:25 master10 simplesamlphp[28938]: 3 [1c65461b16] 2 /usr/share/simplesamlphp/modules/core/lib/Auth/UserPassBase.php:223 (sspmod_core_Auth_UserPassBase::handleLogin)
Jul 16 12:32:25 master10 simplesamlphp[28938]: 3 [1c65461b16] 1 /usr/share/simplesamlphp/modules/core/www/loginuserpass.php:63 (require)
Jul 16 12:32:25 master10 simplesamlphp[28938]: 3 [1c65461b16] 0 /usr/share/simplesamlphp/www/module.php:135 (N/A)


The above exception is invalid, it was only my misusage.
Patch for the broken config applied.
Comment 2 Florian Best univentionstaff 2015-07-23 12:26:36 CEST
I moved the package univention-saml from components into services/.

Package: univention-saml
Version: 3.0.0-1.30.201507231223
Branch: ucs_4.1-0
Comment 3 Florian Best univentionstaff 2015-08-21 14:33:24 CEST
*** Bug 34670 has been marked as a duplicate of this bug. ***
Comment 4 Erik Damrose univentionstaff 2015-09-28 15:28:22 CEST
OK: r62351 no more tracebacks
OK: Changelog
Comment 5 Stefan Gohmann univentionstaff 2015-11-17 12:12:27 CET
UCS 4.1 has been released:
 https://docs.software-univention.de/release-notes-4.1-0-en.html
 https://docs.software-univention.de/release-notes-4.1-0-de.html

If this error occurs again, please use "Clone This Bug".