Re: [SOGo] SAML login not working / Keycloak 21.1.1 / Debian bookworm

Tue, 27 Jun 2023 12:17:26 -0700 

Hi,
I recompiled the sogo 5.8.4 package from Debian sid and added some NSLog outputs. So I can confirm that the SAML response is really ok and the content is fine. But it seems something in my setup is wrong. 


SOGo writes the current session to the sogo_sessions_folder. This  
works fine, the content in stored in the mysql db. But after storing  
the session two errors get logged:


---

(process:20775): Lasso-CRITICAL **: 20:45:24.648: 2023-06-27 20:45:24  
(profile.c/:913) Trying to unref a non GObject pointer  
file=profile.c:913 pointerbybname=profile->identity  
pointer=0x55c2ab612ec0



(process:20775): Lasso-CRITICAL **: 20:45:24.648: 2023-06-27 20:45:24  
(profile.c/:916) Trying to unref a non GObject pointer  
file=profile.c:916 pointerbybname=profile->session  
pointer=0x55c2ab547c90

---


I can't find the profile.c source code for now but I assumed sogo  
tried to read from the table sogo_user_profile the users profile. But  
even after creating this entry


INSERT INTO `sogo_user_profile` (`c_uid`, `c_defaults`, `c_settings`) VALUES
('[email protected]', '{}', '{}');

I still get the above error... So what I'm missing?

---

Jun 27 18:45:24 sogod [20775]: 79.140.187.148, 172.27.11.107 "GET  
/SOGo//[email protected] HTTP/1.1" 302 0/0 0.015 - - 0 - 13
Jun 27 18:45:24 sogod [20775]: |SOGo| starting method 'POST' on uri  
'/SOGo/saml2-signon-post'

2023-06-27 18:45:24.643 sogod[20775:20775] loginA: [email protected]
2023-06-27 18:45:24.643 sogod[20775:20775] loginB: [email protected]
2023-06-27 18:45:24.643 sogod[20775:20775] loginC: [email protected]

2023-06-27 18:45:24.643 sogod[20775:20775] assertionA: <saml:Assertion  
xmlns="urn:oasis:names:tc:SAML:2.0:assertion"  
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"  
ID="ID_21fcb575-9d92-4539-889e-40cf22767fd0"  
IssueInstant="2023-06-27T18:45:24.511Z"  
Version="2.0"><saml:Issuer>https://auth.example.com/realms/master</saml:Issuer><dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#";><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><dsig:Reference URI="#ID_21fcb575-9d92-4539-889e-40cf22767fd0"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><dsig:DigestValue>KNo7JjLw1k6KyvJCzBkw6firW3TO2IvMr9Z+NiIeJqE=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>aDvUyS7iFXxi9ILF6byZeh1wbmqu2928G2KNa7zWGGEK0bDTv6udgHtoVnaBJ1+s4JE7G5QCBc/0KdmK+qveGwITcTXLSaSZHZuKfF3Nd1Q8HbA/m7YX9F0E8qFHBQkBCGvbSiR2Jttn2YXkGsxy+T455dV24Fl840KkM9ENiG4e2kHExHdM1aFMQbgBMxdJcWhBTkatnawBvSv5PpTvG8u0bU4UX7RlsdGnK+OnWCCe8tH1aKLUUaDRANuiEzroyVdBLbXEnmiYLru8QIx9ycckrx6NuIw6kNX73g07S5uQUS9fxemYs6BRNcHUHboL/aRPdq1XrgUDdBsTdDiFdQ==</dsig:SignatureValue><dsig:KeyInfo><dsig:KeyName>lW-L-g3kaWfrc5goQbcyY8W77J3-dWbKGA1joPXW19M</dsig:KeyName><dsig:X509Data><dsig:X509Certificate>MIICmzCCAYMCBgGAiWAFjDANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjIwNTAzMTAwMTUzWhcNMzIwNTAzMTAwMzMzWjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKbGwTJIDI7FURSwl83/CH15MTTVXN9ieRRcJ6Bd/tXogpNLMpqKCbMT3gdn7mF9XR+xNryKCwPIcDO2TMOE9yXxyLe4SQvj06zR+dK/v63sJk783rRO7APLFmoamQtONDc5nfqz3DpKbTCO0AqIK8Ki44TzQviEYaMzidApMI46bDl0ep5o/zCgzmNlVIZFdah4wp7c1wRw3+RVlrgJonT3dY7C+mHhLYrQ+pZsWb/6hmt1mvglf+Vh6iQrt6/I7uCMHH9LxxdRyaCCLZly6Zdei0qjlmp+VRTm+EMscct6kmeOgAXX5KCSh6n+flx7neL+MlQ0fgtGaBrnaxLzPDAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGOhSwEHfHPbBk/QmyYfIvvMekDEj6iZCx/mrLRY0QuZzimsGgTFGM4kHH3kBwRvrswiB/VFloUrAtSBK6/NLc7CGNAdZ+pazOYcD/b0FtmoeGNixQluXVPdzsLYLVVvxHC/XrHS7C9Ne2bfwal+OP5c/emuNuV6PSmqo8XZhSP3025TapoDph+07DKRZUiJbCYcKgWrW+/UbaLCi0enf7qY2q7f8ztCwMxkClNN1RxQb/Fh78CG8eIW5hypyP/FLMlcOiDMLynwoSxSuinuIT/pzS8KW5nh8CftevPh8peCrlLv6Xzux7Ys3FANnXOhUEKsgM1c+PTen87Nq3JZ6RM=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo></dsig:Signature><saml:Subject><saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">G-2594070f-2a5d-452d-8a25-97a59350d785</saml:NameID><saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml:SubjectConfirmationData InResponseTo="_B242FC97294F0C92067C5F0410D67BB8" NotOnOrAfter="2023-06-27T18:46:22.511Z" Recipient="https://sogo.example.com/SOGo/saml2-signon-post"/></saml:SubjectConfirmation></saml:Subject><saml:Conditions NotBefore="2023-06-27T18:45:22.511Z" NotOnOrAfter="2023-06-27T18:46:22.511Z"><saml:AudienceRestriction><saml:Audience>https://sogo.example.com/SOGo/saml2-metadata</saml:Audience></saml:AudienceRestriction></saml:Conditions><saml:AuthnStatement AuthnInstant="2023-06-27T18:45:24.511Z" SessionIndex="16413760-ecf9-4e38-9b82-266b51046c5c::1e9f2cf8-cfb8-4f57-a147-7eb92f5825c6" SessionNotOnOrAfter="2023-06-28T04:45:24.511Z"><saml:AuthnContext><saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef></saml:AuthnContext></saml:AuthnStatement><saml:AttributeStatement><saml:Attribute FriendlyName="email" Name="email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:type="xs:string">[email protected]</saml:AttributeValue></saml:Attribute><saml:Attribute FriendlyName="username" Name="username" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";  
xsi:type="xs:string">clahil</saml:AttributeValue></saml:Attribute></saml:AttributeStatement></saml:Assertion>
2023-06-27 18:45:24.643 sogod[20775:20775] identifierA:  
G-2594070f-2a5d-452d-8a25-97a59350d785
2023-06-27 18:45:24.645 sogod[20775:20775]  
<MySQL4Channel[0x0x55c2ab607120] connection=0x0x55c2aafe91a0> SQL:  
BEGIN;
2023-06-27 18:45:24.646 sogod[20775:20775]  
<MySQL4Channel[0x0x55c2ab607120] connection=0x0x55c2aafe91a0>   query  
has no results.
2023-06-27 18:45:24.646 sogod[20775:20775]  
<MySQL4Channel[0x0x55c2ab607120] connection=0x0x55c2aafe91a0> SQL:  
SELECT t1.c_creationdate, t1.c_id, t1.c_lastseen, t1.c_value FROM   
sogo_sessions_folder t1 WHERE t1.c_id='AY9zox6L6tlqhvTT';
2023-06-27 18:45:24.646 sogod[20775:20775]  
<MySQL4Channel[0x0x55c2ab607120] connection=0x0x55c2aafe91a0>   query  
has results, entering fetch-mode.
2023-06-27 18:45:24.646 sogod[20775:20775]  
<MySQL4Channel[0x0x55c2ab607120] connection=0x0x55c2aafe91a0> SQL:  
ROLLBACK;
2023-06-27 18:45:24.646 sogod[20775:20775]  
<MySQL4Channel[0x0x55c2ab607120] connection=0x0x55c2aafe91a0>   query  
has no results.
2023-06-27 18:45:24.646 sogod[20775:20775]  
<MySQL4Channel[0x0x55c2ab0eaf30] connection=0x0x55c2aaef91c0> SQL:  
BEGIN;
2023-06-27 18:45:24.646 sogod[20775:20775]  
<MySQL4Channel[0x0x55c2ab0eaf30] connection=0x0x55c2aaef91c0>   query  
has no results.
2023-06-27 18:45:24.646 sogod[20775:20775]  
<MySQL4Channel[0x0x55c2ab0eaf30] connection=0x0x55c2aaef91c0> SQL:  
INSERT INTO sogo_sessions_folder (c_lastseen, c_creationdate, c_value,  
c_id) VALUES (1687891524, 1687891524,  
'+6v3UAlzw1Uopz6KfBucDF/undxmEMWLRwYITYMMPL/WfB8aZiYjLw4LS+IqAGZDf4awmijbrXRySJkvBVBUMogRfMQi1DhmW1eqsfBRM/jTWF0w7UZdT4TccirJ+6vqoATWvjNiNFKxo9TXHXC6uSbom3iDukBubHvqO4gJsAis9kq+DvE/B4onJZU1GsYOC2mAclvhO0feGN/0HhNDUQ6UsQRHnbFourjAcZ2qBbwwIe3EvY8hzor/+d0530RAVgL+XQ6ztdHhJEisomlqBTQ8GkM/gyZJSjRnPP2yvTxvFOb1Qk+zQdkB6fzAoF4uZfOtZttcdyVsbflb+zPr760YiqHnybtQ57bZio73p40iyda/Q6elpkiyFwMQm7uBvhErfUc92P06fKYmoBdduGsnZOVJpDxHYL/ooSxxeD+oexo4gnXlMMlJ5Dbgm5kiN1Gtf6VZwIlljk4xyUu6lmzaYG0b22A1Ioqjyaj6OLignMPuk1tlfIqcZ2PHg2We+TlYZnXhh4k2PbK2jrbqrc8EmUdehTqJ9IE2qSKUvfpNLCNHzk5OdUg1BQFNRw+TAKx3AX8MoPS6fZnHNUzHduzT4NCmb6gLsPeHZqWVdYWskXyUblZwGJMh0es8VvhTMa86c1ePJb+Z+eQfojmSHk35UKIApZefJzxSXTwZrr6CEtNrNc/nKXhQgfdgvq+YzHLcZZdAFnugaLm+pUoIFLmticYvgn1VpCb1k2GL6kf1Uqt40R1tTyQ7TwPR1WTyHxt0yjWPX13a0cj5SU22nMkB8Q9wDuBfP1mtIssXDyHZINvo+U0U3K5/VJcm/imXHJinVfQXgpdjeKn0MACHpZv4Duk7OyCL3uaJAsk02LgDuK54eghp3StIE5zQGGAxr4k1zIYsLIuUiL+jGPUi2A2S4x2ZN1htAxWemOgN2N0fVp0QjhMt3Gv/YJcMYdOplNjOtkvMbayBhMsftehJ+/3lq9IGXIr8/qjvZ

wWy9WXuvgzzOAnmXOdlLXn8wb8c
HVVi6fVWp0X4+PQRxypEtpd2h9qzMX2ulwrugE0WOm67zsPnibH/mrrg7KV+G+WkGIGZlbXVWbXHre2+VeQ0YYZcStgKFK8oO6hgsHxjBm858ppgsxHegBXCg9vFIqku/0AF/+hScH/+s0mMLYs5oJK64t+aknIRUYYT/W1luKTKskuEYpp5ida1yKqshi96YCKn/DiYxaDZN0DaHVYlapzRxgsp6P1v4wSkEyS6bpquOw3vRKiKrDCbUurIQiD04PQY1M15SjfqjF14dKC6ejt0EJ/DF/zP8LzWIxi8vmS9tfQlnhONoVjBtyltYsOjDHsPr+WVhSpcgTnzRJaJIpJsUy4Nc4nBTYuEvh1v7okug+QyNmRMalDI0p98PwDbxjzoBX0A6mEBRuyhMeLR5qmXD5blXrvSgPEeRQPw1uJwhkaOej8gi3qek1g8IajgeCWbWw4eSQrT4ZW07AVOkh1q8sYpMRr+IyFUev5lDfnlsatPATOP30ISST8sGrWS8drpMd0xKmxg9iqaj4Ux3L6/QcSU2ZX6ogZ/9ggQhwofmM4ed2AZHgzq8A79rnZ4fXr8MGRCRx8N1W4p0eIhptc3r3oL/yp1UzVZe46NTJBLerRn2m40kfy+cTlL3kL9sJyebuv62MF22ycExyEYVQA/SOePpvhxdYFhEgKBAJ6Wl2nWi0ZZou0XAQgXtxHHOCTAUw1jCvfDoyZrqZLfTzpqtBOShAnNRkErXfPgKszn/qQBgow0CyO7gtQO8PKHMMdns5jJq/Q0xBo5CtLYTlfT77jHRGcJxUjFjE7rbRrkv6c4thYWPZpbyu9BohRQj1VBh++gyR4K/z2GD9m1eiitevSnyfVfTrqX9FyYN4GBKcOsikBhWdMGFNBO6B16CFBR8ZwBbY07PG1aKWIPpFi28iOl7I1F8f2Ci0bCmHWOiyLfOD2rzUf90kjSxEm3QRZhALKiqSNxcUbgRoZbrMBaItljyU4lNdhkIT
eYftskjaNLUfh2iNxOjg43PDLU
iV1gDKi2CNp1bKLtFCLeJZjYBStRQ9tTL9ZpJso1CAzoKpBpjxZq', 'AY9zox6L6tlqhvTT');

2023-06-27 18:45:24.647 sogod[20775:20775]  
<MySQL4Channel[0x0x55c2ab0eaf30] connection=0x0x55c2aaef91c0>   query  
has no results.
2023-06-27 18:45:24.647 sogod[20775:20775]  
<MySQL4Channel[0x0x55c2ab0eaf30] connection=0x0x55c2aaef91c0> SQL:  
COMMIT;
2023-06-27 18:45:24.647 sogod[20775:20775]  
<MySQL4Channel[0x0x55c2ab0eaf30] connection=0x0x55c2aaef91c0>   query  
has no results.

Jun 27 18:45:24 sogod [20775]: |SOGo|   constructed root-url: /SOGo/
Jun 27 18:45:24 sogod [20775]: |SOGo|   setting root-url in context: /SOGo/
Jun 27 18:45:24 sogod [20775]: |SOGo| ROOT baseURL(no container, name=(null)):
  own: /SOGo/
attribute->Name: email == email (loginAttribue)
textNode->content: [email protected]


(process:20775): Lasso-CRITICAL **: 20:45:24.648: 2023-06-27 20:45:24  
(profile.c/:913) Trying to unref a non GObject pointer  
file=profile.c:913 pointerbybname=profile->identity  
pointer=0x55c2ab612ec0



(process:20775): Lasso-CRITICAL **: 20:45:24.648: 2023-06-27 20:45:24  
(profile.c/:916) Trying to unref a non GObject pointer  
file=profile.c:916 pointerbybname=profile->session  
pointer=0x55c2ab547c90

Jun 27 18:45:24 sogod [20775]: |SOGo| request took 0.087479 seconds to execute

Jun 27 18:45:24 sogod [20775]: 79.140.187.148, 172.27.11.107 "POST  
/SOGo/saml2-signon-post HTTP/1.1" 302 0/12977 0.089 - - 28K - 13


---























					Reply via email to