After quite some debugging i found the issue
the configuration file is wrong mail needs to be email....
So problem solved.
On Tuesday, March 17, 2015 at 10:00:31 AM UTC+1, Rudy NA wrote:
>
> Hi,
>
> I tryed to deploy gitlab in combination with Shibboleth (and apache) but
> when i try to login i get a 500 error after shibboleth completed the
> authentication:
>
> *gitlab-rails/production.log:*
>
> Started GET "/users/auth/shibboleth/callback" for
> 2001:470:<REMOVED>:4358:64cf at 2015-03-17 08:33:44 +0000
> Processing by OmniauthCallbacksController#shibboleth as HTML
> Completed 500 Internal Server Error in 51ms
>
> SystemStackError (stack level too deep):
> activerecord (4.1.1)
> lib/active_record/connection_adapters/abstract/connection_pool.rb:629
>
>
> */etc/gitlab/gitlab.rb:*
>
> gitlab_rails['omniauth_allow_single_sign_on'] = true
> gitlab_rails['omniauth_block_auto_created_users'] = false
> gitlab_rails['omniauth_enabled'] = true
> gitlab_rails['omniauth_providers'] = [
> {
> "name" => 'shibboleth',
> "args" => {
> "shib_session_id_field" => "HTTP_SHIB_SESSION_ID",
> "shib_application_id_field" => "HTTP_SHIB_APPLICATION_ID",
> "name_field" => 'HTTP_SHIB_CN',
> "uid_field" => 'HTTP_SHIB_UID',
> "debug" => false,
> "info_fields" => { "mail" => 'HTTP_SHIB_EMAIL'}
> }
> }
> ]
>
>
> *When i put the gitlab shibboleth module in debug this is the output
> generated:*
>
> Debug from omniauth module:
> !!!!! This message is generated by omniauth-shibboleth. To remove it set
> :debug to false. !!!!!
> HTTP_ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> HTTP_ACCEPT_ENCODING: gzip, deflate
> HTTP_ACCEPT_LANGUAGE: en-US,en;q=0.5
> HTTP_CACHE_CONTROL: max-age=0
> HTTP_CONNECTION: Keep-Alive
> HTTP_COOKIE: _gitlab_session=<REMOVED>; _shibsession_<REMOVED>=_<REMOVED>
> HTTP_DNT: 1
> HTTP_HOST: git.nurd.space
> HTTP_ORIGIN:
> HTTP_PERSISTENT_ID: 1787429f8<REMOVED>fbfc6d6
> HTTP_REFERER:
> https://engine.saml.nurd.space/authentication/sp/consume-assertion
> HTTP_REMOTE_USER: 1787429f8<REMOVED>fbfc6d6
> HTTP_SHIB_APPLICATION_ID: default
> HTTP_SHIB_ASSERTION_COUNT:
> HTTP_SHIB_AUTHENTICATION_INSTANT: 2015-03-17T08:33:41Z
> HTTP_SHIB_AUTHENTICATION_METHOD:
> urn:oasis:names:tc:SAML:2.0:ac:classes:Password
> HTTP_SHIB_AUTHNCONTEXT_CLASS: urn:oasis:names:tc:SAML:2.0:ac:classes:Password
> HTTP_SHIB_AUTHNCONTEXT_DECL:
> HTTP_SHIB_CN: Rudy <REMOVED>
> HTTP_SHIB_EMAIL: zarya@<REMOVED>.net
> HTTP_SHIB_IDENTITY_PROVIDER:
> https://engine.saml.nurd.space/authentication/idp/metadata
> HTTP_SHIB_SESSION_ID: _<REMOVED>
> HTTP_SHIB_SESSION_INDEX: _<REMOVED>
> HTTP_SHIB_UID: zarya
> HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:36.0)
> Gecko/20100101 Firefox/36.0
> HTTP_VERSION: HTTP/1.1
> HTTP_X_FORWARDED_FOR: 2001:470:<REMOVED>:4358:64cf
> HTTP_X_FORWARDED_HOST: git.nurd.space
> HTTP_X_FORWARDED_PROTO: https
> HTTP_X_FORWARDED_SERVER: git.nurd.space
> ORIGINAL_FULLPATH: /users/auth/shibboleth/callback
> ORIGINAL_SCRIPT_NAME:
> PATH_INFO: /users/auth/shibboleth/callback
> QUERY_STRING:
> REMOTE_ADDR: 127.0.0.1
> REQUEST_METHOD: GET
> REQUEST_PATH: /users/auth/shibboleth/callback
> REQUEST_URI: /users/auth/shibboleth/callback
> ROUTES_53648780_SCRIPT_NAME:
> SCRIPT_NAME:
> SERVER_NAME: git.nurd.space
> SERVER_PORT: 443
> SERVER_PROTOCOL: HTTP/1.1
> SERVER_SOFTWARE: Unicorn 4.6.3
> action_dispatch.backtrace_cleaner: #<Rails::BacktraceCleaner:0x0000000173fe78>
> action_dispatch.cookies_serializer:
> action_dispatch.encrypted_cookie_salt: encrypted cookie
> action_dispatch.encrypted_signed_cookie_salt: signed encrypted cookie
> action_dispatch.http_auth_salt: http authentication
> action_dispatch.key_generator:
> #<ActiveSupport::CachingKeyGenerator:0x0000000174b110>
> action_dispatch.logger: #<ActiveSupport::Logger:0x000000065b0a58>
> action_dispatch.parameter_filter: [:password, :password_confirmation,
> :private_token]
> action_dispatch.redirect_filter: []
> action_dispatch.remote_ip: 2001:470:<REMOVED>:4358:64cf
> action_dispatch.request_id: 76c99926-<REMOVED>-c37b1a3ba190
> action_dispatch.routes: #<ActionDispatch::Routing::RouteSet:0x00000006653b18>
> action_dispatch.secret_key_base: <REMOVED>
> action_dispatch.secret_token: <REMOVED>
> action_dispatch.show_detailed_exceptions: false
> action_dispatch.show_exceptions: true
> action_dispatch.signed_cookie_salt: signed cookie
> omniauth.origin: https://git.nurd.space/users/sign_in
> omniauth.params: {}
> omniauth.strategy: #<OmniAuth::Strategies::Shibboleth:0x000000038dadf8>
> rack.errors: #<File:0x00000001781c38>
> rack.hijack:
> #<Proc:0x0000000c8cea18@/opt/gitlab/embedded/service/gem/ruby/2.1.0/gems/unicorn-4.6.3/lib/unicorn/http_request.rb:111>
> rack.hijack?: true
> rack.input: #<StringIO:0x000000026ba358>
> rack.logger: #<Logger:0x0000000280ac08>
> rack.multiprocess: true
> rack.multithread: false
> rack.request.cookie_hash: {"_gitlab_session"=>"<REMOVED>",
> "_shibsession_<REMOVED>"=>"_<REMOVED>"}
> rack.request.cookie_string: _gitlab_session=<REMOVED>;
> _shibsession_<REMOVED>=_<REMOVED>
> rack.run_once: false
> rack.session: #<Rack::Session::Abstract::SessionHash:0x000000037f9678>
> rack.session.options: {:path=>"/", :domain=>nil, :expire_after=>7 days,
> :secure=>true, :httponly=>true, :defer=>false, :renew=>false,
> :redis_server=>{:host=>nil, :port=>6379, :password=>nil, :db=>0,
> :namespace=>"session:gitlab", :path=>"/var/opt/gitlab/redis/redis.socket"},
> :servers=>{:host=>nil, :port=>6379, :password=>nil, :db=>0,
> :namespace=>"session:gitlab", :path=>"/var/opt/gitlab/redis/redis.socket"}}
> rack.url_scheme: https
> rack.version: [1, 2]
> warden: Warden::Proxy:29346160 @config={:default_scope=>:user,
> :scope_defaults=>{}, :default_strategies=>{:user=>[:rememberable,
> :database_authenticatable]}, :intercept_401=>false,
> :failure_app=>#<Devise::Delegator:0x00000006467408>}
>
>
--
You received this message because you are subscribed to the Google Groups
"GitLab" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/gitlabhq/0fb89162-6fc2-4a42-9cf2-ed7669e6efc7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
