Univention Bugzilla – Bug 48560
SAML Traceback: AttributeError: 'NoneType' object has no attribute 'version'
Last modified: 2022-04-19 12:24:23 CEST
Version: 4.3-3 errata390 (Neustadt) Internal server error. The server encountered an unexpected condition which prevented it from fulfilling the request. Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/cherrypy/_cprequest.py", line 670, in respond response.body = self.handler() File "/usr/lib/python2.7/dist-packages/cherrypy/lib/encoding.py", line 217, in __call__ self.body = self.oldhandler(*args, **kwargs) File "/usr/lib/python2.7/dist-packages/cherrypy/_cpdispatch.py", line 61, in __call__ return self.callable(*self.args, **self.kwargs) File "/usr/sbin/univention-management-console-web-server", line 1184, in index return acs(binding, message, relay_state) File "/usr/sbin/univention-management-console-web-server", line 1194, in attribute_consuming_service response = self.acs(message, binding) File "/usr/sbin/univention-management-console-web-server", line 1314, in acs response = self.sp.parse_authn_request_response(message, binding, self.outstanding_queries) File "/usr/lib/python2.7/dist-packages/saml2/client_base.py", line 580, in parse_authn_request_response binding, **kwargs) File "/usr/lib/python2.7/dist-packages/saml2/entity.py", line 1087, in _parse_response response = response.verify(keys) File "/usr/lib/python2.7/dist-packages/saml2/response.py", line 964, in verify res = self._verify() File "/usr/lib/python2.7/dist-packages/saml2/response.py", line 377, in _verify assert self.response.version == "2.0" AttributeError: 'NoneType' object has no attribute 'version' Role: domaincontroller_master
reported again: Version: 4.4-4 errata620 (Blumenthal) Remark: I attempted to use the integrated SAML authentication to provide authentication for an external service Traceback(d41d8cd98f00b204e9800998ecf8427e): Internal server error. The server encountered an unexpected condition which prevented it from fulfilling the request. Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/cherrypy/_cprequest.py", line 670, in respond response.body = self.handler() File "/usr/lib/python2.7/dist-packages/cherrypy/lib/encoding.py", line 217, in __call__ self.body = self.oldhandler(*args, **kwargs) File "/usr/lib/python2.7/dist-packages/cherrypy/_cpdispatch.py", line 61, in __call__ return self.callable(*self.args, **self.kwargs) File "/usr/sbin/univention-management-console-web-server", line 1178, in index return acs(binding, message, relay_state) File "/usr/sbin/univention-management-console-web-server", line 1188, in attribute_consuming_service response = self.acs(message, binding) File "/usr/sbin/univention-management-console-web-server", line 1308, in acs response = self.sp.parse_authn_request_response(message, binding, self.outstanding_queries) File "/usr/lib/python2.7/dist-packages/saml2/client_base.py", line 580, in parse_authn_request_response binding, **kwargs) File "/usr/lib/python2.7/dist-packages/saml2/entity.py", line 1087, in _parse_response response = response.verify(keys) File "/usr/lib/python2.7/dist-packages/saml2/response.py", line 964, in verify res = self._verify() File "/usr/lib/python2.7/dist-packages/saml2/response.py", line 377, in _verify assert self.response.version == "2.0" AttributeError: 'NoneType' object has no attribute 'version' Role: domaincontroller_master
https://github.com/IdentityPython/pysaml2/issues/603 Happened also today in Jenkins (UCS 4.4-6): 1 times in /var/log/univention/management-console-web-server.log: Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/cherrypy/_cprequest.py", line 670, in respond response.body = self.handler() File "/usr/lib/python2.7/dist-packages/cherrypy/lib/encoding.py", line 217, in __call__ self.body = self.oldhandler(*args, **kwargs) File "/usr/lib/python2.7/dist-packages/cherrypy/_cpdispatch.py", line 61, in __call__ return self.callable(*self.args, **self.kwargs) File "/usr/sbin/univention-management-console-web-server", line 1214, in index return acs(binding, message, relay_state) File "/usr/sbin/univention-management-console-web-server", line 1230, in attribute_consuming_service_iframe response = self.acs(message, binding) File "/usr/sbin/univention-management-console-web-server", line 1342, in acs response = self.sp.parse_authn_request_response(message, binding, self.outstanding_queries) File "/usr/lib/python2.7/dist-packages/saml2/client_base.py", line 580, in parse_authn_request_response binding, **kwargs) File "/usr/lib/python2.7/dist-packages/saml2/entity.py", line 1087, in _parse_response response = response.verify(keys) File "/usr/lib/python2.7/dist-packages/saml2/response.py", line 964, in verify res = self._verify() File "/usr/lib/python2.7/dist-packages/saml2/response.py", line 377, in _verify assert self.response.version == "2.0" AttributeError: 'NoneType' object has no attribute 'version'
One example trigger: curl 'http://localhost/univention/saml/?SAMLResponse=ZYxBC4IwGIb/yucO3WwZBGZTidpBSA3cZUQH0a8S5iYuaj%2B/ne36Pu/zsNyNCj4428HolETrDQHU%0AnekH/UxJ0dRhHO/2YUTyjAXn%2BiTklYNtR7WdkhntZLRFuLGAX3jJK/GHjpUEb3pUCAnOITSyEbwE%0A8hgUJpRSfHfUvtrefAlkd39eJLKVtw6MLucf'
UCS Version: undefined Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/cherrypy/_cprequest.py", line 670, in respond response.body = self.handler() File "/usr/lib/python2.7/dist-packages/cherrypy/lib/encoding.py", line 217, in __call__ self.body = self.oldhandler(*args, **kwargs) File "/usr/lib/python2.7/dist-packages/cherrypy/_cpdispatch.py", line 61, in __call__ return self.callable(*self.args, **self.kwargs) File "/usr/sbin/univention-management-console-web-server", line 1214, in index return acs(binding, message, relay_state) File "/usr/sbin/univention-management-console-web-server", line 1222, in attribute_consuming_service response = self.acs(message, binding) File "/usr/sbin/univention-management-console-web-server", line 1342, in acs response = self.sp.parse_authn_request_response(message, binding, self.outstanding_queries) File "/usr/lib/python2.7/dist-packages/saml2/client_base.py", line 580, in parse_authn_request_response binding, **kwargs) File "/usr/lib/python2.7/dist-packages/saml2/entity.py", line 1087, in _parse_response response = response.verify(keys) File "/usr/lib/python2.7/dist-packages/saml2/response.py", line 975, in verify if self.parse_assertion(keys): File "/usr/lib/python2.7/dist-packages/saml2/response.py", line 895, in parse_assertion if not self._assertion(assertion, False): File "/usr/lib/python2.7/dist-packages/saml2/response.py", line 780, in _assertion if not self.condition_ok(): File "/usr/lib/python2.7/dist-packages/saml2/response.py", line 575, in condition_ok conditions.not_on_or_after, self.timeslack) File "/usr/lib/python2.7/dist-packages/saml2/validate.py", line 86, in validate_on_or_after (nooa, now)) Exception: Can't use it, it's too old 1614117730 > 1614121178
UCS Version: undefined Traceback (most recent call last):File "/usr/lib/python2.7/dist-packages/cherrypy/_cprequest.py", line 670, in respond response.body = self.handler() File "/usr/lib/python2.7/dist-packages/cherrypy/lib/encoding.py", line 217, in __call__ self.body = self.oldhandler(*args, **kwargs) File "/usr/lib/python2.7/dist-packages/cherrypy/_cpdispatch.py", line 61, in __call__ return self.callable(*self.args, **self.kwargs) File "/usr/sbin/univention-management-console-web-server", line 1236, in slo self.sp.handle_logout_response(response) File "/usr/lib/python2.7/dist-packages/saml2/client.py", line 286, in handle_logout_response status = self.state[response.in_response_to] KeyError: 'id-qnYWO8fHJp6A2ihwr' Traceback (most recent call last):
Reported in Ticket number 2021030921000677
Reported in ticket# 2021060721000657