LightSamlModelException: NameID value not set #22

Open
robverhoef opened this issue Apr 7, 2019 · 3 comments

robverhoef commented Apr 7, 2019

I am running into this error and I can't figure out where the problem is.
I have 2 service providers with nearly identical configs. One -a test site- works (https://sptest.iamshowcase.com), the other one doesn't.
Both configs have:

```php
'nameID' => 'email'
```

This request is working:
```xml
<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                    ForceAuthn="false"
                    ID="ab9625f3fa1286566ae35108319fc0d9b7e602beb"
                    IssueInstant="2019-04-06T14:51:37Z"
                    Destination="[my login url]"
                    AssertionConsumerServiceURL="https://sptest.iamshowcase.com/acs"
                    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
                    Version="2.0">
  <saml:Issuer>IAMShowcase</saml:Issuer>
</samlp:AuthnRequest>
```

This one doesn't:
```xml
<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                    ID="_69e6929c04e5181bef97fb5dac543adc007242aa4f"
                    Version="2.0"
                    IssueInstant="2019-04-06T12:33:25Z"
                    Destination="[my login url]"
                    AssertionConsumerServiceURL="[my clients url]"
                    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST">
  <saml:Issuer>[my clients url]</saml:Issuer>
  <samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" AllowCreate="true"/>
</samlp:AuthnRequest>
```

Obviously they share the same metadata.xml. And I'm not sure if this is relevant, but my metadata.xml contains:
```xml
<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
```
My client requested this setting.

Here is a part of the stacktrace:

```
(1/1) LightSamlModelException
NameID value not set

in AbstractNameID.php line 160
at AbstractNameID->prepareForXml()
in AbstractNameID.php line 172
at AbstractNameID->serialize(object(DOMElement), object(SerializationContext))
in AbstractSamlModel.php line 55
at AbstractSamlModel->oneElementToXml('Issuer', object(DOMElement), object(SerializationContext), null)
in AbstractSamlModel.php line 77
at AbstractSamlModel->singleElementsToXml(array('Issuer'), object(DOMElement), object(SerializationContext))
in SamlMessage.php line 304
at SamlMessage->serialize(object(DOMElement), object(SerializationContext))
in StatusResponse.php line 73
at StatusResponse->serialize(object(DOMElement), object(SerializationContext))
in Response.php line 144
at Response->serialize(object(DOMDocument), object(SerializationContext))
in HttpPostBinding.php line 35
at HttpPostBinding->send(object(MessageContext))
in SamlAuth.php line 242
```

Could this be a bug or am I missing something?
I would be really grateful if somebody could point me in the right direction.

@sulaphenkatzion

This is due to a saml.php config file issue. The settings need to be corrected. I have corrected them and it seems to be working correctly.

@AyodejiO

What exactly did you correct, sir?

@bm2ilabs

You have to check if the "encoded" URL is the same as the "destination" in the config.
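
Added example, not part of the thread and not the project's own code: the stack trace in the question shows the exception being raised while the `Issuer` element of the outgoing `Response` is serialized, so the sketch below builds a minimal LightSAML `Response` and serializes it with an empty and with a non-empty issuer value. The helper name `serializeWithIssuer`, the URLs, and the entity ID are constructed for illustration, and the script assumes `lightsaml/lightsaml` is installed with Composer.

```php
<?php
// Added example, not code from the thread or the project.
// Assumes lightsaml/lightsaml is installed with Composer.
require __DIR__ . '/vendor/autoload.php';

use LightSaml\Error\LightSamlModelException;
use LightSaml\Helper;
use LightSaml\Model\Assertion\Issuer;
use LightSaml\Model\Context\SerializationContext;
use LightSaml\Model\Protocol\Response;
use LightSaml\Model\Protocol\Status;
use LightSaml\Model\Protocol\StatusCode;
use LightSaml\SamlConstants;

/**
 * Hypothetical helper: serialize a minimal Response whose Issuer carries
 * $issuerValue. Returns null on success, or the exception message.
 */
function serializeWithIssuer(?string $issuerValue): ?string
{
    $response = new Response();
    $response->setID(Helper::generateID());
    $response->setIssueInstant(new \DateTime());
    $response->setDestination('https://sp.example.test/acs'); // constructed value
    $response->setStatus(new Status(new StatusCode(SamlConstants::STATUS_SUCCESS)));
    $response->setIssuer(new Issuer($issuerValue));

    $context = new SerializationContext();
    try {
        // Same call the trace shows being made from HttpPostBinding.
        $response->serialize($context->getDocument(), $context);
    } catch (LightSamlModelException $e) {
        return $e->getMessage();
    }
    return null;
}

// Constructed inputs: two empty issuer values, then a populated entity ID.
foreach ([null, '', 'https://idp.example.test/metadata'] as $issuer) {
    $error = serializeWithIssuer($issuer);
    printf("issuer=%s -> %s\n", var_export($issuer, true), $error ?? 'serialized OK');
}
```

When the empty values reproduce the message from the trace, the next thing to check is which IdP setting supplies the value passed to `setIssuer()` for the failing service provider.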
