Univention Bugzilla – Bug 40787
SAML tests fail in AD member setups
Last modified: 2018-10-23 11:30:10 CEST
The SAML tests mostly fail in AD member setups. [2016-02-26 18:10:48.521082]GET SAML login form at: https://admember226.AutoTest226.local/univention-management-console/saml/ [2016-02-26 18:10:49.381208]### FAIL ### [2016-02-26 18:10:49.381264]Problem while reaching login dialog [2016-02-26 18:10:49.381278]Wrong status code: 500, expected: 200 [2016-02-26 18:10:49.381311]### ###
The following error message is shown if more debug is activated: <h2>Nicht abgefangene Code-Exception</h2> Eine nicht abgefangene Code-Exception ist aufgetreten. <div class="trackidtext"> Falls Sie diesen Fehler melden, teilen Sie bitte ebenfalls diese Tracking ID mit, dadurch ist es dem Administrator möglich ihre Sitzung in den Logs zu finden: <span class="trackid">981a159e81</span> </div> <h2>Debug Information</h2> <p>Die unten angegebene Debug-Information kann von Interesse für den Administrator oder das Helpdesk sein:</p> <div style="border: 1px solid #eee; padding: 1em; font-size: x-small"> <p style="margin: 1px">SimpleSAML_Error_Error: UNHANDLEDEXCEPTION</p> <pre style=" padding: 1em; font-family: monospace; ">Backtrace: 1 /usr/share/simplesamlphp/www/_include.php:37 (SimpleSAML_exception_handler) 0 [builtin] (N/A) Caused by: Exception: Unable to validate Signature Backtrace: 6 /usr/share/simplesamlphp/vendor/simplesamlphp/saml2/src/SAML2/Utils.php:157 (SAML2_Utils::validateSignature) 5 [builtin] (call_user_func) 4 /usr/share/simplesamlphp/vendor/simplesamlphp/saml2/src/SAML2/Message.php:221 (SAML2_Message::validate) 3 /usr/share/simplesamlphp/modules/saml/lib/Message.php:194 (sspmod_saml_Message::checkSign) 2 /usr/share/simplesamlphp/modules/saml/lib/Message.php:251 (sspmod_saml_Message::validateMessage) 1 /usr/share/simplesamlphp/modules/saml/lib/IdP/SAML2.php:305 (sspmod_saml_IdP_SAML2::receiveAuthnRequest) 0 /usr/share/simplesamlphp/www/saml2/idp/SSOService.php:18 (N/A)</pre> </div>
Maybe you can attach join.log /etc/apache2/sites-enabled/univention-saml /usr/share/univention-management-console/saml/idp/ucs-sso.*.xml and md5sum /etc/univention/ssl/ucs-sso.*/* /etc/simplesamlphp/ucs-sso.*.
ucs-test r67824: * 82_saml/samltest.py: Added more debug (Bug #40787)
I've disabled various SAML tests in AD member mode: r67891
This might be related to bug 47700