In your logs you have a segfault. You need to provide a backtrace according to https://www.sogo.nu/support/faq/how-do-i-debug-sogo.html
Sebastien Le Samedi, Juin 24, 2023 13:38 CEST, "Claas Hilbrecht" ([email protected]) <[email protected]> a écrit: Hi, I try to get a SAML login working and failed. I read a lot in this list and think I'm pretty close towards a working setup. I managed to get redirected to the IDP login screen and while I get redirected back to SOGo I get this error message: --- Proxy Error The proxy server received an invalid response from an upstream server. The proxy server could not handle the request Reason: Error reading from remote server --- The sogo.log to this request is: --- Jun 24 11:16:38 sogod [2131]: |SOGo| starting method 'GET' on uri '/SOGo' Jun 24 11:16:38 sogod [2131]: <0x0x5572c15faaa0[SOGoCache]> Cache cleanup interval set every 3600.000000 seconds Jun 24 11:16:38 sogod [2131]: <0x0x5572c15faaa0[SOGoCache]> Using host(s) '127.0.0.1' as server(s) Jun 24 11:16:38 sogod [2131]: [WARN] <0x0x7fc5bc4d8a80[WOxElemBuilder]> could not locate builders: WOxExtElemBuilder,WOxExtElemBuilder Jun 24 11:16:38 sogod [2131]: [ERROR] <0x0x5572c19e0770[SOGoUserManager]> No authentication sources defined - nobody will be able to login. Check your defaults. 2023-06-24 11:16:38.057 sogod[2131:2131] <MySQL4Channel[0x0x5572c1582b10] connection=0x0x5572c17d4950> SQL: SELECT c_defaults FROM sogo_user_profile WHERE c_uid = 'anonymous'; 2023-06-24 11:16:38.058 sogod[2131:2131] <MySQL4Channel[0x0x5572c1582b10] connection=0x0x5572c17d4950> query has results, entering fetch-mode. Jun 24 11:16:38 sogod [2131]: |SOGo| request took 0.152470 seconds to execute Jun 24 11:16:38 sogod [2131]: 79.140.187.148, 172.27.11.107 "GET /SOGo HTTP/1.1" 302 0/0 0.155 - - 6M - 12 Jun 24 11:16:44 sogod [2131]: |SOGo| starting method 'POST' on uri '/SOGo/saml2-signon-post' Jun 24 11:16:44 sogod [2128]: <0x0x5572c1604cf0[WOWatchDogChild]> child 2131 exited Jun 24 11:16:44 sogod [2128]: <0x0x5572c1604cf0[WOWatchDogChild]> (terminated due to signal 11) Jun 24 11:16:44 sogod [2128]: <0x0x5572c1543c80[WOWatchDog]> child spawned with pid 2135 2023-06-24 11:16:44.602 sogod[2135:2135] MySQL4 connection established 0x0x5572c168a150 2023-06-24 11:16:44.602 sogod[2135:2135] ---------- -[MySQL4Channel openChannel]: <MySQL4Channel[0x0x5572c155ae80] connection=0x0x5572c168a150> opens channel count[0] 2023-06-24 11:16:44.602 sogod[2135:2135] MySQL4 channel 0x0x5572c155ae80 opened (connection=0x0x5572c168a150,sogo) 2023-06-24 11:16:44.602 sogod[2135:2135] <MySQL4Channel[0x0x5572c155ae80] connection=0x0x5572c168a150> SQL: SELECT 1 FROM sogo_user_profile WHERE 1 = 2; 2023-06-24 11:16:44.603 sogod[2135:2135] <MySQL4Channel[0x0x5572c155ae80] connection=0x0x5572c168a150> query has results, entering fetch-mode. 2023-06-24 11:16:44.603 sogod[2135:2135] <MySQL4Channel[0x0x5572c155ae80] connection=0x0x5572c168a150> SQL: SELECT 1 FROM sogo_folder_info WHERE 1 = 2; 2023-06-24 11:16:44.603 sogod[2135:2135] <MySQL4Channel[0x0x5572c155ae80] connection=0x0x5572c168a150> query has results, entering fetch-mode. 2023-06-24 11:16:44.605 sogod[2135:2135] <MySQL4Channel[0x0x5572c155ae80] connection=0x0x5572c168a150> SQL: SELECT 1 FROM sogo_sessions_folder WHERE 1 = 2; 2023-06-24 11:16:44.605 sogod[2135:2135] <MySQL4Channel[0x0x5572c155ae80] connection=0x0x5572c168a150> query has results, entering fetch-mode. Jun 24 11:16:44 sogod [2135]: <0x0x5572c176b150[WOHttpAdaptor]> notified the watchdog that we are ready --- I think the WOWatchDogChild kills for whatever reason the login process... Previously I got a this error: --- sogo.log.1:2023-06-22 19:10:31.616 sogod[4831:4831] EXCEPTION: <NSException: 0x560f461a0690> NAME:NSInvalidArgumentException REASON:Tried to add nil value for key 'login' to dictionary INFO:{} --- But after adding a login key (as a AttributeStatement Mapper/User Property) to the SAML answer the above error message is thrown. I try to get the SAML login working with Debian bookworm and Keykoack 21.1.1. --- dpkg -l | grep -e 'sogo\|sope' ii libsope1 5.8.0-1 amd64 SKYRiX Object Publishing Environment (shared libraries) ii sogo 5.8.0-1 amd64 Scalable groupware server ii sogo-activesync 5.8.0-1 amd64 Scalable groupware server - ActiveSync module ii sogo-common 5.8.0-1 all Scalable groupware server - common files --- My sogo.conf looks like this: --- { SOGoDebugRequests = YES; SoDebugBaseURL = YES; SOGoEASDebugEnabled = YES; ImapDebugEnabled = YES; LDAPDebugEnabled = YES; MySQL4DebugEnabled = YES; PGDebugEnabled = YES; SOGoUIxDebugEnabled = YES; WODontZipResponse = YES; /* Authentication */ SOGoPasswordChangeEnabled = NO; /* Web Interface */ SOGoPageTitle = SOGo; //SOGoVacationEnabled = YES; //SOGoForwardEnabled = YES; //SOGoSieveScriptsEnabled = YES; //SOGoMailAuxiliaryUserAccountsEnabled = YES; //SOGoTrustProxyAuthentication = NO; //SOGoXSRFValidationEnabled = YES; MySQL4Encoding = "utf8mb4"; SOGoProfileURL = "mysql://user:[email protected]:3306/sogo/sogo_user_profile"; OCSFolderInfoURL = "mysql://user:[email protected]:3306/sogo/sogo_folder_info"; OCSSessionsFolderURL = "mysql://user:[email protected]:3306/sogo/sogo_sessions_folder"; OCSEMailAlarmsFolderURL = "mysql://user:[email protected]:3306/sogo/sogo_alarms_folder"; SOGoLanguage = English; SOGoAppointmentSendEMailNotifications = YES; SOGoMailingMechanism = smtp; SOGoSMTPServer = 127.0.0.1; SOGoTimeZone = UTC; SOGoSentFolderName = Sent; SOGoTrashFolderName = Trash; SOGoDraftsFolderName = Drafts; SOGoIMAPServer = "imaps://dovecot.example.com:143/?tls=YES"; SOGoSieveServer = "sieve://dovecot.example.com:4190/?tls=YES"; SOGoIMAPAclConformsToIMAPExt = YES; SOGoFirstDayOfWeek = 0; SOGoMailMessageCheck = manually; SOGoMemcachedHost = 127.0.0.1; SOGoCacheCleanupInterval = 3600; NGImap4AuthMechanism = PLAIN; SOGoForceExternalLoginWithEmail = YES; SOGoAuthenticationType = saml2; SOGoSAML2PrivateKeyLocation = "/etc/sogo/sogo-saml.key"; SOGoSAML2CertificateLocation = "/etc/sogo/sogo-saml.crt"; SOGoSAML2IdpMetadataLocation = "/etc/sogo/idp-metadata.xml"; SOGoSAML2IdpPublicKeyLocation = "/etc/sogo/idp.key"; SOGoSAML2IdpCertificateLocation = "/etc/sogo/idp.crt"; #SOGoSAML2IdpCertificateLocation = "/etc/ssl/certs/"; SOGoSAML2LoginAttribute = "username"; SOGoSAML2LogoutEnabled = YES; SOGoSAML2LogoutURL = "https://sogo.example.com/";; } Anyone any ideas how to get SAML login working with SOGo? FYI: The login to dovecot already works with Keycloak from Thunderbird. ---
