I've attempted to get SAML login working using the following guide: https://bluntlab.space/posts/sogo-saml-keycloak/

Currently I'm running Apache, memcached, SOGo and PostgreSQL in a Docker Compose environment, while Keycloak, Postfix and Dovecot are running externally.

This is an excerpt from sogo.conf:

```
SOGoCacheCleanupInterval = 3600;
SOGoAuthenticationType = saml2;
NGImap4AuthMechanism = SAML;
SOGoSAML2IdpMetadataLocation = "/etc/sogo/idp-metadata.xml";
SOGoSAML2PrivateKeyLocation = "/etc/sogo/saml.privkey.pem";
SOGoSAML2CertificateLocation = "/etc/sogo/saml.cert.pem";
// SOGoSAML2IdpPublicKeyLocation = "/etc/sogo/idp.key";
// SOGoSAML2IdpCertificateLocation = "/etc/sogo/idp.crt";
SOGoSAML2LoginAttribute = "username";
SOGoSAML2LogoutEnabled = YES;
SOGoSAML2LogoutURL = "https://sogo.domain.com";
```

When visiting https://sogo.domain.com/SOGo I get redirected to the Keycloak realm SSO prompt, credentials are accepted and it redirects me back to what I configured in Keycloak to be "Assertion Consumer Service POST Binding URL": https://sogo.domain.com:443/SOGo/saml2-signon-post

But once there, I keep hitting:

```
sogod [11]: 192.168.0.10 "GET /SOGo HTTP/1.1" 302 0/0 0.002 - - 0 - 11
sogod [11]: |SOGo| starting method 'POST' on uri '/SOGo/saml2-signon-post'
sogod [11]: |SOGo| traverse(acquire): SOGo => saml2-signon-post
sogod [11]: |SOGo|   do traverse name: 'SOGo'
sogod [11]: |SOGo|   do traverse name: 'saml2-signon-post'
sogod [11]: |SOGo| set clientObject: <SOGo[0x0x5a13bcaa3e80]: name=SOGo>
sogod[11:11] EXCEPTION: <NSException: 0x5a13bcc7dd10> NAME:NSInvalidArgumentException REASON:Tried to add nil value for key 'login' to dictionary INFO:{}

```

Any idea why SOGo (or is it a library like lasso) would generate "Tried to add nil value for key 'login' to dictionary INFO:{}"?

//Anton
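
Added example, not part of the original post and not SOGo or Keycloak code: a diagnostic that decodes the base64 `SAMLResponse` form field POSTed to `/SOGo/saml2-signon-post` and reports whether the assertion carries an attribute named as in `SOGoSAML2LoginAttribute`. It assumes the comparison is made against the attribute's `Name`; the function names and the sample responses are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}


def check_login_attribute(saml_response_b64, login_attribute):
    """Inspect a base64 SAMLResponse (HTTP-POST binding, no deflate).

    Returns a dict with 'status' ('found', 'missing' or 'encrypted'),
    the attribute names seen, and the login value when present.
    """
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    # An encrypted assertion hides its attributes from this check.
    if root.find(".//saml:EncryptedAssertion", SAML_NS) is not None:
        return {"status": "encrypted", "names": [], "login": None}
    attrs = {}
    path = ".//saml:AttributeStatement/saml:Attribute"
    for attr in root.iterfind(path, SAML_NS):
        values = attr.findall("saml:AttributeValue", SAML_NS)
        attrs[attr.get("Name")] = [v.text or "" for v in values]
    values = attrs.get(login_attribute)
    if values and values[0]:
        return {"status": "found", "names": sorted(attrs), "login": values[0]}
    return {"status": "missing", "names": sorted(attrs), "login": None}


def sample_response(attr_name):
    """Constructed, unsigned response with a single attribute (test data)."""
    xml = (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:Assertion>'
        "<saml:AttributeStatement>"
        f'<saml:Attribute Name="{attr_name}">'
        "<saml:AttributeValue>jdoe</saml:AttributeValue></saml:Attribute>"
        "</saml:AttributeStatement></saml:Assertion></samlp:Response>"
    )
    return base64.b64encode(xml.encode()).decode()


if __name__ == "__main__":
    # "username" is the SOGoSAML2LoginAttribute value from the excerpt above.
    for name in ("username", "email"):
        print(name, check_login_attribute(sample_response(name), "username"))
```

A `missing` result lists the attribute names the IdP actually sent, which can be compared with the configured value.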
