Onelogin SAML2


We followed instructions for SAML2/Onelogin setup in the 'Security Manual'


Getting the following error while doing the SAML2 authentication


We are using V8.6 (Build 8679) 


Error Code = An X.509 encryption certificate for the local service provider hasn't been configured., StackTrace =    at ComponentSpace.SAML2.InternalSAMLServiceProvider.GetLocalServiceProviderEncryptionCertificates()
   at ComponentSpace.SAML2.InternalSAMLServiceProvider.DecryptSAMLAssertion(Object samlAssertion)
   at ComponentSpace.SAML2.InternalSAMLServiceProvider.GetSAMLAssertion(SAMLResponse samlResponse, XmlElement samlResponseElement)
   at ComponentSpace.SAML2.InternalSAMLServiceProvider.ProcessSAMLResponse(XmlElement samlResponseElement, Boolean& isInResponseTo, String& authnContext, String& userName, SAMLAttribute[]& attributes)
   at ComponentSpace.SAML2.InternalSAMLServiceProvider.ReceiveSSO(HttpRequest httpRequest, Boolean& isInResponseTo, String& partnerIdP, String& authnContext, String& userName, SAMLAttribute[]& attributes, String& relayState)
   at logins_saml_default.ProcessSAMLAuthentication()


Never mind, it is working now.

I was using a different connector on the Onelogin. I used the 'SAML Test Connector (IdP w/attr)' now.

The problem I have is it's still prompting for User/Password. I don't want to save the user/password in the browser.





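The stack trace in the first post fails inside DecryptSAMLAssertion, which is consistent with the IdP connector returning an encrypted assertion to a service provider that has no decryption certificate. The following is an added example, not code from this thread, Passwordstate or ComponentSpace: it inspects a captured base64 SAMLResponse form field (HTTP-POST binding assumed) for that mismatch. All function names and sample messages are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
SAMLP_NS = "urn:oasis:names:tc:SAML:2.0:protocol"


def assertion_forms(saml_response_b64: str) -> dict:
    """Count plaintext and encrypted assertions in an HTTP-POST SAMLResponse."""
    raw = base64.b64decode(saml_response_b64)
    # A SAML message never needs a DTD; refuse one before parsing.
    if b"<!DOCTYPE" in raw or b"<!ENTITY" in raw:
        raise ValueError("DTD found in SAML response")
    root = ET.fromstring(raw)
    if root.tag != f"{{{SAMLP_NS}}}Response":
        raise ValueError(f"not a samlp:Response: {root.tag}")
    # Only direct children of <samlp:Response> are counted.
    return {
        "plaintext": len(root.findall(f"{{{SAML_NS}}}Assertion")),
        "encrypted": len(root.findall(f"{{{SAML_NS}}}EncryptedAssertion")),
    }


def diagnose(saml_response_b64: str, sp_has_encryption_cert: bool) -> str:
    """Explain whether the SP can consume the assertion as delivered."""
    forms = assertion_forms(saml_response_b64)
    if forms["plaintext"] + forms["encrypted"] != 1:
        return "unexpected number of assertions"
    if forms["encrypted"] and not sp_has_encryption_cert:
        return "IdP encrypts the assertion but the SP has no decryption certificate"
    return "ok"


def encode_sample(xml: str) -> str:
    """Base64-encode a constructed message the way the POST binding does."""
    return base64.b64encode(xml.encode()).decode()


# Constructed sample messages (stripped to the elements this check reads).
HEAD = f'<samlp:Response xmlns:samlp="{SAMLP_NS}" xmlns:saml="{SAML_NS}">'
ENCRYPTED_SAMPLE = encode_sample(HEAD + "<saml:EncryptedAssertion/></samlp:Response>")
PLAIN_SAMPLE = encode_sample(HEAD + "<saml:Assertion/></samlp:Response>")

if __name__ == "__main__":
    print(diagnose(ENCRYPTED_SAMPLE, sp_has_encryption_cert=False))
    print(diagnose(PLAIN_SAMPLE, sp_has_encryption_cert=False))
```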

Thanks for your response. 


No, it looks like the prompt is coming from Passwordstate only, not the local browser. If I just click cancel it's showing the following message. Is there any way to get rid of this now that it's doing SAML2 through Onelogin?


You do not have permission to view this directory or page.




Let me post the screenshot shortly and try the various options in the URL.

In the meantime, can it be related to having the following option in the 'web.config' file?


<authentication mode="Windows" />




Besides the 'Windows Authentication', I also enabled the 'Anonymous Authentication' on the Passwordstate site.

It is now working as expected, but I'm not sure about the security implications of having 'Anonymous auth' enabled.

We do have network/firewall to block other networks from accessing the site.


Any recommendations/suggestions?



This topic is now archived and is closed to further replies.
