I found the problem.
The URL comes like:
https://cas.example.com/cas/login?service=https%3A%2F%2Fidp.example.com%2Fidp%2FAuthn%2FExternal%3Fconversation%3De2s1%26entityId%3Dhttps%3A%2F%2Fwww.example.com%2Fsp
If I replace entityId%3D -> entityId= then it works.
CAS does not decode %3D, which is for the = sign, thus leaving the attribute empty.
<Launching new execution of flow 'login' with input map['service' -> 'https://idp.example.com/idp/Authn/External', 'entityId=https://www.example.com/sp' -> ''
- <Starting in org.springframework.webflow.mvc.servlet.MvcExternalContext@4c2a6e41 with input map['service' -> 'https://idp.example.com/idp/Authn/External', 'entityId=https://www.example.com/sp' -> ''
- <No entity id found for parameter [entityId]>
G
On 14/01/2022 12:28, Kapetanakis Giannis wrote:
Hi,
I've configured CAS to be SSO for Shibboleth IdP (External). This works fine.
I'm trying to display SAML MDUI (logo) but it cannot detect the entityId so
nothing happens.
DEBUG [org.apereo.cas.support.saml.mdui.web.flow.SamlMetadataUIParserAction] - <No entity id found for parameter [entityId]>
implementation "org.apereo.cas:cas-server-support-saml-mdui:${project.'cas.version'}" in build.gradle
cas.saml-metadata-ui.resources=file:///etc/cas/config/idp-metadata/sp.xml
Log says:
DEBUG [org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter] - <Loading [sp.xml]>
DEBUG [org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter] - <Evaluating metadata resource [sp.xml]>
DEBUG [org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter] - <Locating metadata resource from input stream.>
DEBUG [org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter] - <Parsing [sp.xml]>
DEBUG [org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter] - <Initializing metadata resolver for [URL [file:/etc/cas/config/idp-metadata/sp.xml]]>
DEBUG [org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter] - <Collected metadata from [1] resolvers(s). Initializing aggregate resolver...>
INFO [org.apereo.cas.support.saml.mdui.AbstractMetadataResolverAdapter] - <Metadata aggregate initialized successfully.>
However when I'm redirected to CAS, to login to this SP (via shibboleth)
with URL:
https://cas.example.com/cas/login?service=https%3A%2F%2Fidp.example.com%2Fidp%2FAuthn%2FExternal%3Fconversation%3De2s1%26entityId%3Dhttps%3A%2F%2Fwww.example.com%2Fsp
I get in logs:
DEBUG [org.apereo.cas.support.saml.mdui.web.flow.SamlMetadataUIParserAction] - <No entity id found for parameter [entityId]>
Service registry lists the SP's entityId as serviceId:
--- !<org.apereo.cas.services.RegexRegisteredService>
serviceId: "https://www.example.com/sp"
...
logo: "https://www.example.com/images/logo-idp.png"
...
In advance, the metadata loaded also has mdui relevant info:
<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://www.example.com/sp">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
    <md:Extensions>
      <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
        <mdui:Logo width="208" height="96" xml:lang="en">https://www.example.com/images/logo-idp.png</mdui:Logo>
      </mdui:UIInfo>
What am I missing here?
Thanks,
Giannis
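
Added example (not part of the original messages and not CAS code): the entityId in the URL above sits one layer down, inside the percent-encoded service value, so a top-level lookup finds nothing while decoding one layer per parse recovers it. The function names and the build_login_url helper are hypothetical; the second entityId is a constructed sample.

```python
from urllib.parse import urlsplit, parse_qs, urlencode

# Login URL exactly as posted in the thread.
LOGIN_URL = (
    "https://cas.example.com/cas/login?service="
    "https%3A%2F%2Fidp.example.com%2Fidp%2FAuthn%2FExternal"
    "%3Fconversation%3De2s1%26entityId%3Dhttps%3A%2F%2Fwww.example.com%2Fsp"
)


def first_param(url, name):
    """Return the first value of query parameter `name`, decoded once, or None."""
    values = parse_qs(urlsplit(url).query, keep_blank_values=True).get(name)
    return values[0] if values else None


def outer_entity_id(login_url):
    """Look for entityId only among the login URL's own parameters."""
    return first_param(login_url, "entityId")


def nested_entity_id(login_url):
    """Decode one layer per parse: login query -> service URL -> its query."""
    service = first_param(login_url, "service")
    return first_param(service, "entityId") if service else None


def build_login_url(entity_id, conversation="e2s1"):
    """Hypothetical sender side: encode the inner query, then the service value."""
    service = "https://idp.example.com/idp/Authn/External?" + urlencode(
        {"conversation": conversation, "entityId": entity_id}
    )
    return "https://cas.example.com/cas/login?" + urlencode({"service": service})


if __name__ == "__main__":
    print("top-level lookup:", outer_entity_id(LOGIN_URL))
    print("nested lookup:   ", nested_entity_id(LOGIN_URL))
    # Constructed sample: an entityId that carries its own query string.
    tricky = "https://www.example.com/sp?tenant=a&mode=b"
    print("round trip:      ", nested_entity_id(build_login_url(tricky)))
```

Each value is decoded exactly once at its own layer, so an entityId containing ?, & or = survives intact instead of being split into extra parameters.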