Comments (9)
I should add I am getting
<UNDEFINED> ... </>
from
response.document.inspect
from ruby-saml.
Yeah I'm getting the same thing too...
@document=<UNDEFINED>
from response.rb:
@document = XMLSecurity::SignedDocument.new(@response)
The above line is returning nothing...
I get this hex data for @response:
x9DT\xDBn\x9B@\x10\xFD\x15\xC4;,w\eDP\xDDX\x95,\xD5I\x14Gy\xC8K\xB5,\x83M\x03,\xDD]\x1A\xE7\xEF;\v\xF1-M\xDD$\xD2J0\xC3\xCC\xEC\xE1\xCC\x99I%m\xEA.\xB9\x05\xD9\xF1V\x82\xB1\x98_\x98?\xBC \xF2\xC3`\x12X\xD4
Unsure exactly what to do with this.
If it matters, it's ADFS on windows 2012 R2
Anyone have any clues about this?
from ruby-saml.
@naemono Can you install the SAML Tracer Firefox Plugin (https://addons.mozilla.org/es/firefox/addon/saml-tracer/) and send as the base64 encoded SAML Response?
from ruby-saml.
Thanks for looking into this.
I assume you're wanting this:
nVVtb5swEP4riO9gQggkFkXLGk2KtLRVU%2fVDv0zGPhJWwJlt1vTf7wzNW9dm7aRIwcfd%2bbnnnjtSzepqQ29Bb2SjwZnPLtwfo2Qk4jBkHozykRfleeLlIhp6ybAoojicQBGOXecelC5lc%2bGGfuA6c61bmDfasMagKRhEXjDxBpO7QUzDMQ1iPxqPH1xnBtqUDTNd5NqYjaaExFE84TwXfrNS8tHnsiasNWtiwRHOqipn%2fNF1Li1Em75VDZVMl5o2rAZNDafL6eI7RSSU9060bfQGeFmUIFxnW1eNpl2t56M3ShrJZeVmaVeR6kPPBzGtQdmK3MxWhAVpLf2tXKlNX4soNEGX3yUHTYxqtUlJnz5L%2bwYsDTOtPj1dSgHOPataOH%2b97rzpsuWYXrsOyVJymnW6A9j3dxzkUT5mhZdEg4kXBdhflrChFxYCgmQ8ZHGYfKyj8cNrHXyOrheS%2f4O2ZZv%2fBG6y9Arzz2fON6lqdkYaA3%2fQWUrhFZ0rhZqV1VQIZUnLFgvZmJWsQT1%2f2UNISZ99fx0qsChttOVyAWYtxT%2fUWNMcmALlvpljxgxzrqS5bq7VtDCgXhM9HB5G5xblvCm7Afjk4FhFvHH7wZqlaBelNWqL5ysgSfBX13swie36%2b6CTYz%2fUXisQMwdcMUaVvL93Z8x%2bMe%2bJKQGNf0T6%2fu3h8SSaHMBiKoMv8taAFTvUSM%2bRzbH96%2bmy8uJrbLr2UaNaso0v1Yo8aRIGwYjgr0QYpjTPhFesrDXpBMJ2Ajkk7UbyPcG88joyHD8fY8V%2bNfuz0x3PTl04CZH%2fJYJCAuaNgO1HR%2frlMmTPwNacni4rHMtbKLKzk8spt35ovsG%2fJ6nEDS5MFBCIO8Vw40plbNPeyHtq3h2PiCD7LbXfX7vPUvYH
This is from the 302 back to my application:
from ruby-saml.
I finally figured out what was going on. I was not hitting https://myapp/auth/saml to generate the saml2 request (302 to adfs), but hitting https://myadfs/adfs/ls/idpinitiatedsignon to generate the saml callback, which turned out to be generating saml1 responses, which was causing this error. The documentation is seriously lacking here for ADFS (I'll generate a pull request for omniauth-saml readme) There doesn't seem to be way to force adfs to use saml2 when hitting the idpinitiatedsignon page without this gem creating the proper parameters sent to adfs:
<samlp:AuthnRequest AssertionConsumerServiceURL='https://myapp/auth/saml/callback' Destination='https://myadfs/adfs/ls/idpinitiatedsignon.aspx?logintoRP='myapplication-name' ID='_0d369f40-2268-0132-029b-28cfe9164b7b' IssueInstant='2014-09-19T20:18:32Z' Version='2.0' xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol'><saml:Issuer xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion'>https://myappname</saml:Issuer><samlp:NameIDPolicy AllowCreate='true' Format='urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress' xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol'/></samlp:AuthnRequest>
Anyways, thanks for the work on this gem...
from ruby-saml.
thanks for the followup @naemono! going to close this for now.
from ruby-saml.
We were running into this issue as well when validating documents without a signature (//ds:X509Certificate
). Even though our code handled OneLogin::RubySaml::ValidationError
, this wouldn't be rescued since it's a NoMethodError
.
#66 fixes this. Try upgrading to 0.7.3
or higher if you are running into a similar issue.
from ruby-saml.
Try upgrading to 0.7.3 or higher if you are running into a similar issue.
@alperkokmen Typo? 0.7.2
is the most recent version available.
from ruby-saml.
@tboyko nope, 0.7.3
was a release. It's fairly out-of-date at this point though. I would recommend using the latest version if you can.
from ruby-saml.
Related Issues (20)
- Parse Remote Chooses POST over Redirect HOT 3
- Validate signature of published federation metadata HOT 3
- This project is currently not under active development HOT 5
- SAML Request signing broken due to `strip!` method HOT 7
- Add secure channel for security incident reporting
- Homepage in gemspec points to "Page not found"
- Update Readme how to use parser's options HOT 4
- Remove OneLogin namespace (in a major version upgrade) HOT 2
- Using ECDSA private key causes OpenSSL::PKey::RSAError
- ArgumentError: key must be 32 bytes HOT 2
- Link on Rubygems page is wrong
- ruby toolkit sample code has incorrect module name HOT 1
- Fun & games with AWS Identity center HOT 9
- Missing name id for valid SloLogoutrequest HOT 3
- Assertion Consumer Service URL vs Recipient HOT 2
- v2.1: Improve check_idp_cert_expiration behavior
- v2.1: Validate certificate vs private_key HOT 3
- POST binding should not use compression by default HOT 2
- How to pick which binding to use when parsing metadata? HOT 1
- Add `base64` gem dependency for Ruby 3.4 compatibility HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ruby-saml.