Topic on Extension talk:SimpleSamlAuth/Flow

SimpleSamlAuth since 1.27?

7
2001:4898:8010:0:0:0:0:27C (talkcontribs)

Has anyone successfully used SImpleSamlAuth and SimpleSamlPHP with MediaWiki 1.27? I'm working on building a 1.27 replacement for an existing 1.25 environment and I can't get authentication working for the life of me. Using SamlTracer I can see that the 1.25 environment sets a session cookie before SimpleSaml redirects to the IDP. In 1.27 that cookie is not set. The other difference (and the main symptom/cause) of my login failure is that my session ID changes between being redirected to the IDP and the response being sent back to SimpleSaml. This causes a NOSTATE error.

Just wondering if anyone else has ran into this, or if i've done something stupid in my config that I just haven't noticed.

193.5.216.100 (talkcontribs)

HI!

Were you able to get it to work? I'm am also trying to get it to work, but I get the Error:

Exception encountered, of type "LogicException"

Could it be that simplesamlauth is not compatible with Mediawiki 1.27? I also used it in an 1.25 environment.

2001:4898:8010:1:0:0:0:59A (talkcontribs)

I haven't been able to get around the problem I ran into but my error is significantly different. I'm fairly certain the issue is SimpleSamlAuth needing to be updated for the changes to session management in MediaWiki. While troubleshooting I compared my 1.25 environment behavior against the 1.27 environment and 1.25 drops a session cookie to the browser before redirecting to the login provider. 1.27 doesn't drop this cookie, and as far as I can tell that's the root of my problem. I've tried modifying simplesamlauth to set the session cookie prior to redirecting and while I can get a cookie to set, it doesn't appear to be used.

I'd wager there's something obvious I'm missing like I just need to create an instance of the MediaWiki session manager and use it to setup the session, but I can't figure out exactly how to do that in a way that works :)

2001:41F0:53D4:1:203D:5179:91E6:2175 (talkcontribs)

Hi.

I found a workaround (or fix) for the Exception encountered, of type "LogicException"

tested on MediaWiki 1.27, SimpleSamlAuth tags/v0.6

When $wgShowExceptionDetails = true in LocalSettings.php; we learn the error comes from includes/user/User.php line 2493.

From 1.27 MediaWiki uses a different mechanism (AuthManager) for changing authentication data.

In the function setPasswordInternal, line 2488 (called by setInternalPassword) we see we cannot set a password for a user that is not in the database.

WORKAROUND (or fix):

in SimpleSamlAuth.class.php, first add the user to the database, then set password. (Basically swap line 440 & 441 around) to become:

$user->addToDatabase();

$user->setInternalPassword( null ); // prevent manual login until reset

Piele

46.59.63.183 (talkcontribs)

I am developing a SAML extension for MediaWiki 1.27 as part of a larger customization effort for a web site I have been working on. I previously used some of the existing SAML extensions available but like you, I found that they no longer work on 1.27.

I'm far from done but perhaps some of my code can be of use: https://github.com/wsv-accidis/tmeit-wiki/tree/tmeit-master/extensions/TmeitSamlAuth

Note that this is not a patched SimpleSamlAuth but a new extension based on the same concept, but with fewer options (I am only implementing what I need for my project).

2001:4898:8010:1:0:0:0:59A (talkcontribs)

It turns out the only problem I was having is leaving SimpleSamlPHP configured to use cookies for session storage. After moving session storage to memcached I'm able to use SimpleSamlAuth and SimpleSamlPHP just fine!

115.113.69.206 (talkcontribs)

Hi all...please healp me....i am trying to configure comment extension but i have getting error ..please look below

Database error

A database query error has occurred. This may indicate a bug in the software.

  • Query: SELECT Comment_Username,Comment_IP,Comment_Text,Comment_Date,UNIX_TIMESTAMP(Comment_Date) AS timestamp,Comment_user_id,CommentID,Comment_Parent_ID FROM "Comments" WHERE Comment_Page_ID = '774'
  • Function: CommentsPage::getComments
  • Error: 42P01 ERROR: relation "Comments" does not exist LINE 1: ...Comment_user_id,CommentID,Comment_Parent_ID FROM "Comments"
Reply to "SimpleSamlAuth since 1.27?"