SAML2 authorization issue with AD FS Microsoft #3730

Closed
2 tasks done
Kol8bok opened this issue Sep 19, 2022 · 10 comments

Kol8bok commented Sep 19, 2022

Attempted Debugging

  • I have read the debugging page

Searched GitHub Issues

  • I have searched GitHub for the issue.

Describe the Scenario

Hello,

I try to configure SAML with AD FS.
Tell me how to solve the problem
I set everything up, but the error keeps popping up
My config .env:

AUTH_METHOD=saml2
AUTH_AUTO_INITIATE=false
SAML2_NAME=BOOKSTACK
SAML2_EMAIL_ATTRIBUTE=email
SAML2_EXTERNAL_ID_ATTRIBUTE=id
SAML2_DISPLAY_NAME_ATTRIBUTES=firstName|lastName
SAML2_IDP_ENTITYID=https://data-centre.siecom.pro/FederationMetadata/2007-06/Fe$
SAML2_AUTOLOAD_METADATA=true
SAML2_IDP_SSO=https://data-centre.siecom.pro/adfs/ls/
#SAML2_IDP_SLO=https://data-centre.siecom.pro/adfs/ls/

SAML2_IDP_x509="-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgITFgAAAA/znQbmfG8ocwABAAAADzANBgkqhkiG9w0BAQsF
ADA8MRMwEQYKCZImiZPyLGQBGRYDcHJvMRgwFgYKCZImiZPyLGQBGRYIdXNlcmdh
dGUxCzAJBgNVBAMTAkNBMB4XDTIyMDkxNjA2Mzg1N1oXDTIzMDkxNjA2Mzg1N1ow
ADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKrSC+w1KKqIjKRqqB+O
..........................................................."
SAML2_IDP_AUTHNCONTEXT=true

On the AD FS:
The file with metadata https://wiki.siecom.pro/saml2/metadata in AD FS was installed well, there were no problems with this

Set up the attributes as follows:
LDAP | Party trust wizard
E-Mail-Addresses | email
Given-Name | lastName
User-Principal-Name | id
Surname | firstName

Gives error on debug:
Invalid ACS Response: invalid_response

Tell me what I'm doing wrong?

Exact BookStack Version

v22.09

Log Content

Debug:

#0 /var/www/bookstack/app/Http/Controllers/Auth/Saml2Controller.php(119): BookStack\Auth\Access\Saml2Service->processAcsResponse()
#1 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Controller.php(54): BookStack\Http\Controllers\Auth\Saml2Controller->processAcs()
#2 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(45): Illuminate\Routing\Controller->callAction()
#3 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Route.php(262): Illuminate\Routing\ControllerDispatcher->dispatch()
#4 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Route.php(205): Illuminate\Routing\Route->runController()
#5 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(721): Illuminate\Routing\Route->run()
#6 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\Routing\Router->Illuminate\Routing\{closure}()
#7 /var/www/bookstack/app/Http/Middleware/CheckGuard.php(27): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#8 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\CheckGuard->handle()
#9 /var/www/bookstack/app/Http/Middleware/Localization.php(45): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#10 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\Localization->handle()
#11 /var/www/bookstack/app/Http/Middleware/RunThemeActions.php(26): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#12 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\RunThemeActions->handle()
#13 /var/www/bookstack/app/Http/Middleware/CheckEmailConfirmed.php(47): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#14 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\CheckEmailConfirmed->handle()
#15 /var/www/bookstack/app/Http/Middleware/PreventAuthenticatedResponseCaching.php(21): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#16 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\PreventAuthenticatedResponseCaching->handle()
#17 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php(78): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#18 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\VerifyCsrfToken->handle()
#19 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php(49): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#20 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\View\Middleware\ShareErrorsFromSession->handle()
#21 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(121): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#22 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(64): Illuminate\Session\Middleware\StartSession->handleStatefulRequest()
#23 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Session\Middleware\StartSession->handle()
#24 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#25 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse->handle()
#26 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(67): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#27 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Cookie\Middleware\EncryptCookies->handle()
#28 /var/www/bookstack/app/Http/Middleware/ApplyCspRules.php(33): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#29 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\ApplyCspRules->handle()
#30 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#31 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(723): Illuminate\Pipeline\Pipeline->then()
#32 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(698): Illuminate\Routing\Router->runRouteWithinStack()
#33 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(662): Illuminate\Routing\Router->runRoute()
#34 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(651): Illuminate\Routing\Router->dispatchToRoute()
#35 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(167): Illuminate\Routing\Router->dispatch()
#36 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http\{closure}()
#37 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Http/Middleware/TrustProxies.php(39): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#38 /var/www/bookstack/app/Http/Middleware/TrustProxies.php(41): Illuminate\Http\Middleware\TrustProxies->handle()
#39 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\TrustProxies->handle()
#40 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#41 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TrimStrings.php(40): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle()
#42 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\TrimStrings->handle()
#43 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#44 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\ValidatePostSize->handle()
#45 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/PreventRequestsDuringMaintenance.php(86): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#46 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance->handle()
#47 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#48 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(142): Illuminate\Pipeline\Pipeline->then()
#49 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(111): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter()
#50 /var/www/bookstack/public/index.php(53): Illuminate\Foundation\Http\Kernel->handle()
#51 {main}

PHP Version

No response

Hosting Environment

Ubuntu 18.04

@Kol8bok
Author

Kol8bok commented Sep 20, 2022

PHP Version: 7.4.30
BookStack Version: v22.09

@ssddanbrown
Member

Hi @Kol8bok,
I've just released BookStack v22.09.1, within which I added additional debug detail intended for this specific scenario.
Please could you update to v22.09.1 then re-attempt the scenario and share the new error message that's shown/logged? It should now provide much better guidance into the reason that the SAML response is found to be invalid.

@ssddanbrown
Member

Since there's been no follow-up I'm going to close this. If the issue remains and is something you still require to be fixed respond to my previous comment and this can then be re-opened.

@RidaLeFou

RidaLeFou commented Sep 28, 2022

Hello @ssddanbrown, I'm experiencing the same issue. Could you help please?

@ssddanbrown
Member

@RidaLeFou Please open a new support issue to focus on your exact error message and system configuration.

@Kol8bok
Author

Kol8bok commented Sep 30, 2022

> Hi @Kol8bok,
> I've just released BookStack v22.09.1, within which I added additional debug detail intended for this specific scenario.
> Please could you update to v22.09.1 then re-attempt the scenario and share the new error message that's shown/logged? It should now provide much better guidance into the reason that the SAML response is found to be invalid.

Hi, @ssddanbrown
Dan, I apologize for not answering for a long time, I don’t have time to deal with this problem a lot, so I finally found the time :)
Updated BookStack to version v22.09.1, the error also persists, files with metadata are transferred well, without any obvious problems. But when authorizing on the AD FS server, the following debug appears. It seems that everything is set up correctly, AD FS works correctly.

The debug is the following:

Invalid ACS Response; Errors: invalid_response; Reason: The status code of the Response was not Success, was Requester -> urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy

PHP Version: 7.4.30
BookStack Version: v22.09.1
Theme Configured:

#1 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Controller.php(54): BookStack\Http\Controllers\Auth\Saml2Controller->processAcs()
#2 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(45): Illuminate\Routing\Controller->callAction()
#3 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Route.php(262): Illuminate\Routing\ControllerDispatcher->dispatch()
#4 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Route.php(205): Illuminate\Routing\Route->runController()
#5 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(721): Illuminate\Routing\Route->run()
#6 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\Routing\Router->Illuminate\Routing\{closure}()
#7 /var/www/bookstack/app/Http/Middleware/CheckGuard.php(27): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#8 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\CheckGuard->handle()
#9 /var/www/bookstack/app/Http/Middleware/Localization.php(45): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#10 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\Localization->handle()
#11 /var/www/bookstack/app/Http/Middleware/RunThemeActions.php(26): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#12 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\RunThemeActions->handle()
#13 /var/www/bookstack/app/Http/Middleware/CheckEmailConfirmed.php(47): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#14 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\CheckEmailConfirmed->handle()
#15 /var/www/bookstack/app/Http/Middleware/PreventAuthenticatedResponseCaching.php(21): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#16 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\PreventAuthenticatedResponseCaching->handle()
#17 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php(78): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#18 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\VerifyCsrfToken->handle()
#19 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php(49): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#20 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\View\Middleware\ShareErrorsFromSession->handle()
#21 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(121): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#22 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(64): Illuminate\Session\Middleware\StartSession->handleStatefulRequest()
#23 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Session\Middleware\StartSession->handle()
#24 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#25 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse->handle()
#26 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(67): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#27 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Cookie\Middleware\EncryptCookies->handle()
#28 /var/www/bookstack/app/Http/Middleware/ApplyCspRules.php(33): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#29 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\ApplyCspRules->handle()
#30 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#31 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(723): Illuminate\Pipeline\Pipeline->then()
#32 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(698): Illuminate\Routing\Router->runRouteWithinStack()
#33 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(662): Illuminate\Routing\Router->runRoute()
#34 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(651): Illuminate\Routing\Router->dispatchToRoute()
#35 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(167): Illuminate\Routing\Router->dispatch()
#36 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http\{closure}()
#37 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Http/Middleware/TrustProxies.php(39): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#38 /var/www/bookstack/app/Http/Middleware/TrustProxies.php(41): Illuminate\Http\Middleware\TrustProxies->handle()
#39 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\TrustProxies->handle()
#40 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#41 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TrimStrings.php(40): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle()
#42 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\TrimStrings->handle()
#43 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#44 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\ValidatePostSize->handle()
#45 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/PreventRequestsDuringMaintenance.php(86): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#46 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance->handle()
#47 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#48 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(142): Illuminate\Pipeline\Pipeline->then()
#49 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(111): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter()
#50 /var/www/bookstack/public/index.php(53): Illuminate\Foundation\Http\Kernel->handle()
#51 {main}

@ssddanbrown
Member

Hi @Kol8bok,
Based upon that, it seems like your ADFS system is not accepting the urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress NameIDFormat that BookStack wants to use.

I'm not too familiar with ADFS, and it's been a while since I last tested on an ADFS setup, so can't provide much more guidance myself, although I vaguely remember playing about with transform rules to get things working in the right format.
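
The status reported in this thread (`Requester -> InvalidNameIDPolicy`) is a nested SAML `StatusCode`, returned when the identity provider cannot satisfy the `NameIDPolicy` the service provider sent. The following is an added example, not BookStack's code or part of any comment above: a diagnostic that walks the status chain of a response and relates it to the NameID format the request asked for. The XML samples are constructed, and the function names and `finding` labels are assumptions made for illustration.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
STATUS_PREFIX = "urn:oasis:names:tc:SAML:2.0:status:"

# Constructed samples (not captured from the reporter's systems).
SAMPLE_REQUEST = """\
<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    ID="_constructed-request" Version="2.0">
  <samlp:NameIDPolicy AllowCreate="true"
      Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"/>
</samlp:AuthnRequest>"""

SAMPLE_RESPONSE = """\
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    ID="_constructed-response" InResponseTo="_constructed-request" Version="2.0">
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Requester">
      <samlp:StatusCode
          Value="urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy"/>
    </samlp:StatusCode>
  </samlp:Status>
</samlp:Response>"""


def decode_post_binding(form_value):
    """Decode the base64 SAMLResponse form field used by the HTTP-POST binding."""
    return base64.b64decode(form_value).decode("utf-8")


def status_chain(response_xml):
    """Return top-level and nested StatusCode values, outermost first."""
    node = ET.fromstring(response_xml).find("samlp:Status/samlp:StatusCode", NS)
    chain = []
    while node is not None:
        chain.append(node.get("Value", "").replace(STATUS_PREFIX, ""))
        node = node.find("samlp:StatusCode", NS)
    return chain


def requested_format(request_xml):
    """NameIDPolicy Format the service provider asked for, or None."""
    policy = ET.fromstring(request_xml).find("samlp:NameIDPolicy", NS)
    return policy.get("Format") if policy is not None else None


def issued_format(response_xml):
    """Format of the NameID in an unencrypted assertion, or None."""
    name_id = ET.fromstring(response_xml).find(
        "saml:Assertion/saml:Subject/saml:NameID", NS)
    return name_id.get("Format") if name_id is not None else None


def diagnose(request_xml, response_xml):
    """Relate the IdP's status to the NameID format the SP requested.

    Diagnostic only: no signature or condition checks are performed.
    """
    chain = status_chain(response_xml)
    wanted, got = requested_format(request_xml), issued_format(response_xml)
    if chain[:1] != ["Success"]:
        finding = ("idp_rejected_nameid_policy"
                   if "InvalidNameIDPolicy" in chain else "idp_error")
    elif wanted and got != wanted:
        finding = "nameid_format_mismatch"
    else:
        finding = "ok"
    return {"status": " -> ".join(chain), "requested": wanted,
            "issued": got, "finding": finding}


if __name__ == "__main__":
    print(diagnose(SAMPLE_REQUEST, SAMPLE_RESPONSE))
```

Use it only on messages captured from your own deployment for troubleshooting; it parses XML without verifying signatures, so its output is not an authentication decision.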

@ssddanbrown ssddanbrown reopened this Sep 30, 2022
@Kol8bok
Author

Kol8bok commented Oct 3, 2022

More precisely, you need to look towards AD FS? Is the email attribute being passed incorrectly?

@ssddanbrown
Member

@Kol8bok I'm afraid I'm not familiar enough with ADFS to make an advisory,
I'm not sure if the email attribute is controlled independently from the nameid-format.
I can only advise a search along these lines.

@Kol8bok
Author

Kol8bok commented Oct 5, 2022

@ssddanbrown ok, got it. Thank you!
I will investigate further....

@Kol8bok Kol8bok closed this as completed Oct 6, 2022