Hi,
I tryed to deploy gitlab in combination with Shibboleth (and apache) but
when i try to login i get a 500 error after shibboleth completed the
authentication:
*gitlab-rails/production.log:*
Started GET "/users/auth/shibboleth/callback" for 2001:470:<REMOVED>:4358:64cf
at 2015-03-17 08:33:44 +0000
Processing by OmniauthCallbacksController#shibboleth as HTML
Completed 500 Internal Server Error in 51ms
SystemStackError (stack level too deep):
activerecord (4.1.1)
lib/active_record/connection_adapters/abstract/connection_pool.rb:629
*/etc/gitlab/gitlab.rb:*
gitlab_rails['omniauth_allow_single_sign_on'] = true
gitlab_rails['omniauth_block_auto_created_users'] = false
gitlab_rails['omniauth_enabled'] = true
gitlab_rails['omniauth_providers'] = [
{
"name" => 'shibboleth',
"args" => {
"shib_session_id_field" => "HTTP_SHIB_SESSION_ID",
"shib_application_id_field" => "HTTP_SHIB_APPLICATION_ID",
"name_field" => 'HTTP_SHIB_CN',
"uid_field" => 'HTTP_SHIB_UID',
"debug" => false,
"info_fields" => { "mail" => 'HTTP_SHIB_EMAIL'}
}
}
]
*When i put the gitlab shibboleth module in debug this is the output generated:*
Debug from omniauth module:
!!!!! This message is generated by omniauth-shibboleth. To remove it set :debug
to false. !!!!!
HTTP_ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
HTTP_ACCEPT_ENCODING: gzip, deflate
HTTP_ACCEPT_LANGUAGE: en-US,en;q=0.5
HTTP_CACHE_CONTROL: max-age=0
HTTP_CONNECTION: Keep-Alive
HTTP_COOKIE: _gitlab_session=<REMOVED>; _shibsession_<REMOVED>=_<REMOVED>
HTTP_DNT: 1
HTTP_HOST: git.nurd.space
HTTP_ORIGIN:
HTTP_PERSISTENT_ID: 1787429f8<REMOVED>fbfc6d6
HTTP_REFERER: https://engine.saml.nurd.space/authentication/sp/consume-assertion
HTTP_REMOTE_USER: 1787429f8<REMOVED>fbfc6d6
HTTP_SHIB_APPLICATION_ID: default
HTTP_SHIB_ASSERTION_COUNT:
HTTP_SHIB_AUTHENTICATION_INSTANT: 2015-03-17T08:33:41Z
HTTP_SHIB_AUTHENTICATION_METHOD: urn:oasis:names:tc:SAML:2.0:ac:classes:Password
HTTP_SHIB_AUTHNCONTEXT_CLASS: urn:oasis:names:tc:SAML:2.0:ac:classes:Password
HTTP_SHIB_AUTHNCONTEXT_DECL:
HTTP_SHIB_CN: Rudy <REMOVED>
HTTP_SHIB_EMAIL: zarya@<REMOVED>.net
HTTP_SHIB_IDENTITY_PROVIDER:
https://engine.saml.nurd.space/authentication/idp/metadata
HTTP_SHIB_SESSION_ID: _<REMOVED>
HTTP_SHIB_SESSION_INDEX: _<REMOVED>
HTTP_SHIB_UID: zarya
HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:36.0)
Gecko/20100101 Firefox/36.0
HTTP_VERSION: HTTP/1.1
HTTP_X_FORWARDED_FOR: 2001:470:<REMOVED>:4358:64cf
HTTP_X_FORWARDED_HOST: git.nurd.space
HTTP_X_FORWARDED_PROTO: https
HTTP_X_FORWARDED_SERVER: git.nurd.space
ORIGINAL_FULLPATH: /users/auth/shibboleth/callback
ORIGINAL_SCRIPT_NAME:
PATH_INFO: /users/auth/shibboleth/callback
QUERY_STRING:
REMOTE_ADDR: 127.0.0.1
REQUEST_METHOD: GET
REQUEST_PATH: /users/auth/shibboleth/callback
REQUEST_URI: /users/auth/shibboleth/callback
ROUTES_53648780_SCRIPT_NAME:
SCRIPT_NAME:
SERVER_NAME: git.nurd.space
SERVER_PORT: 443
SERVER_PROTOCOL: HTTP/1.1
SERVER_SOFTWARE: Unicorn 4.6.3
action_dispatch.backtrace_cleaner: #<Rails::BacktraceCleaner:0x0000000173fe78>
action_dispatch.cookies_serializer:
action_dispatch.encrypted_cookie_salt: encrypted cookie
action_dispatch.encrypted_signed_cookie_salt: signed encrypted cookie
action_dispatch.http_auth_salt: http authentication
action_dispatch.key_generator:
#<ActiveSupport::CachingKeyGenerator:0x0000000174b110>
action_dispatch.logger: #<ActiveSupport::Logger:0x000000065b0a58>
action_dispatch.parameter_filter: [:password, :password_confirmation,
:private_token]
action_dispatch.redirect_filter: []
action_dispatch.remote_ip: 2001:470:<REMOVED>:4358:64cf
action_dispatch.request_id: 76c99926-<REMOVED>-c37b1a3ba190
action_dispatch.routes: #<ActionDispatch::Routing::RouteSet:0x00000006653b18>
action_dispatch.secret_key_base: <REMOVED>
action_dispatch.secret_token: <REMOVED>
action_dispatch.show_detailed_exceptions: false
action_dispatch.show_exceptions: true
action_dispatch.signed_cookie_salt: signed cookie
omniauth.origin: https://git.nurd.space/users/sign_in
omniauth.params: {}
omniauth.strategy: #<OmniAuth::Strategies::Shibboleth:0x000000038dadf8>
rack.errors: #<File:0x00000001781c38>
rack.hijack:
#<Proc:0x0000000c8cea18@/opt/gitlab/embedded/service/gem/ruby/2.1.0/gems/unicorn-4.6.3/lib/unicorn/http_request.rb:111>
rack.hijack?: true
rack.input: #<StringIO:0x000000026ba358>
rack.logger: #<Logger:0x0000000280ac08>
rack.multiprocess: true
rack.multithread: false
rack.request.cookie_hash: {"_gitlab_session"=>"<REMOVED>",
"_shibsession_<REMOVED>"=>"_<REMOVED>"}
rack.request.cookie_string: _gitlab_session=<REMOVED>;
_shibsession_<REMOVED>=_<REMOVED>
rack.run_once: false
rack.session: #<Rack::Session::Abstract::SessionHash:0x000000037f9678>
rack.session.options: {:path=>"/", :domain=>nil, :expire_after=>7 days,
:secure=>true, :httponly=>true, :defer=>false, :renew=>false,
:redis_server=>{:host=>nil, :port=>6379, :password=>nil, :db=>0,
:namespace=>"session:gitlab", :path=>"/var/opt/gitlab/redis/redis.socket"},
:servers=>{:host=>nil, :port=>6379, :password=>nil, :db=>0,
:namespace=>"session:gitlab", :path=>"/var/opt/gitlab/redis/redis.socket"}}
rack.url_scheme: https
rack.version: [1, 2]
warden: Warden::Proxy:29346160 @config={:default_scope=>:user,
:scope_defaults=>{}, :default_strategies=>{:user=>[:rememberable,
:database_authenticatable]}, :intercept_401=>false,
:failure_app=>#<Devise::Delegator:0x00000006467408>}
--
You received this message because you are subscribed to the Google Groups
"GitLab" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/gitlabhq/22e9328a-879d-4421-bbc2-92ba4dfae6b5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
