Topic on Extension talk:OpenID Connect

MediaWiki SAML integration with SecureAuth

2
Summary by CCicalese (WMF)

Wrong extension

Sirajuddink (talkcontribs)

I have made all the require changes given in below URL:

Extension:SimpleSAMLphp and Extension:PluggableAuth also have downloaded and configured simplesamlphp from https://simplesamlphp.org/docs/stable/simplesamlphp-install#section_4.

My LocalSetting.php config:

wfLoadExtension( 'PluggableAuth' );

wfLoadExtension( 'SimpleSAMLphp' );

$wgSimpleSAMLphp_InstallDir = '/var/www/html/extensions/SimpleSAMLphp/';

$wgSimpleSAMLphp_AuthSourceId = 'default-sp';

$wgSimpleSAMLphp_RealNameAttribute = 'cn';

$wgSimpleSAMLphp_EmailAttribute = 'mail';

$wgSimpleSAMLphp_UsernameAttribute = 'uid';

$wgPluggableAuth_Class = 'SimpleSAMLphp';

$wgPluggableAuth_EnableAutoLogin = false;

$wgPluggableAuth_EnableLocalLogin = false;

$wgPluggableAuth_EnableLocalLogin = false;

error_reporting( -1 );

ini_set( 'display_errors', 1 );

$wgResourceLoaderDebug = true;

$wgShowExceptionDetails = true;

$wgDebugLogFile= "/tmp/MediaWikiDebug.log";

After all the configuration my wiki url: https://mydomain/index.php/Main_Page does get redirect to the SecureAuth console but when I am entering my username nothing happens, It does not get redirect to the wiki page with success.

Below are the Debug Logs:

IP: 100.121.36.17

Start request GET /index.php/Special:PluggableAuthLogin

HTTP HEADERS:

HOST: wiki.mydomain.com

X-REQUEST-ID: 733039bc730bc801d15bc512dde451f1

X-REAL-IP: 10.30.1.151

X-FORWARDED-FOR: 10.30.1.151

X-FORWARDED-HOST: wiki.mydomain.com

X-FORWARDED-PORT: 443

X-FORWARDED-PROTO: https

X-ORIGINAL-URI: /index.php/Special:PluggableAuthLogin

X-SCHEME: https

CACHE-CONTROL: max-age=0

UPGRADE-INSECURE-REQUESTS: 1

USER-AGENT: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36

ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8

ACCEPT-ENCODING: gzip, deflate, br

ACCEPT-LANGUAGE: en,en-US;q=0.9

COOKIE: dev_mediawikiUserName=Admin; dev_mediawiki_session=cgrqhtumtqmn6tumb5etp1ftvfp3gqap; SimpleSAML=73f1cbd44c130ec20bc3bd52e7851977; SimpleSAMLAuthToken=_e2395383d0d8082eb8d52bff43ef03dfd3a9d7dffd

[caches] cluster: APCUBagOStuff, WAN: mediawiki-main-default, stash: db-replicated, message: APCUBagOStuff, session: SqlBagOStuff

[caches] LocalisationCache: using store LCStoreDB

[session] Session "cgrqhtumtqmn6tumb5etp1ftvfp3gqap" requested without UserID cookie

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openConnection: calling initLB() before first connection.

[DBReplication] Cannot use ChronologyProtector with EmptyBagOStuff.

[DBReplication] Wikimedia\Rdbms\LBFactory::getChronologyProtector: using request info {

    "IPAddress": "100.101.66.17",

    "UserAgent": "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/70.0.3538.67 Safari\/537.36",

    "ChronologyProtection": false,

    "ChronologyPositionIndex": 0

}

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openConnection: connected to database 0 at 'mediawiki-db.mydomain.com'.

[SQLBagOStuff] Connection 12803 will be used for SqlBagOStuff

[DBConnection] Wikimedia\Rdbms\LoadBalancer::openConnection: connected to database 0 at 'mediawiki-db.mydomain.com'.

[PluggableAuth] In execute()

[PluggableAuth] Getting PluggableAuth singleton

[PluggableAuth] Class name: SimpleSAMLphp

[session] Saving all sessions on shutdown

[session] SessionBackend "2a9beabc348b45cdba9e41e80088a4b3" is unsaved, marking dirty in constructor

[session] SessionBackend "2a9beabc348b45cdba9e41e80088a4b3" save: dataDirty=1 metaDirty=1 forcePersist=0

[session] SessionBackend "2a9beabc348b45cdba9e41e80088a4b3" force-persist due to persist()

[session] SessionBackend "2a9beabc348b45cdba9e41e80088a4b3" save: dataDirty=0 metaDirty=1 forcePersist=1

[DBPerformance] Expectation (writes <= 0) by MediaWiki::main not met (actual: 1):

query-m: REPLACE INTO `objectcache` (keyname,value,exptime) VALUES ('X')

#0 /var/www/html/includes/libs/rdbms/TransactionProfiler.php(219): Wikimedia\Rdbms\TransactionProfiler->reportExpectationViolated('writes', 'query-m: REPLAC...', 1)

#1 /var/www/html/includes/libs/rdbms/database/Database.php(1256): Wikimedia\Rdbms\TransactionProfiler->recordQueryCompletion('query-m: REPLAC...', 1541216062.8476, true, 1)

#2 /var/www/html/includes/libs/rdbms/database/Database.php(1151): Wikimedia\Rdbms\Database->doProfiledQuery('REPLACE INTO `o...', 'REPLACE /* SqlB...', true, 'SqlBagOStuff::s...')

#3 /var/www/html/includes/libs/rdbms/database/Database.php(2741): Wikimedia\Rdbms\Database->query('REPLACE INTO `o...', 'SqlBagOStuff::s...')

#4 /var/www/html/includes/libs/rdbms/database/DatabaseMysqlBase.php(516): Wikimedia\Rdbms\Database->nativeReplace('`objectcache`', Array, 'SqlBagOStuff::s...')

#5 /var/www/html/includes/objectcache/SqlBagOStuff.php(361): Wikimedia\Rdbms\DatabaseMysqlBase->replace('objectcache', Array, Array, 'SqlBagOStuff::s...')

#6 /var/www/html/includes/objectcache/SqlBagOStuff.php(376): SqlBagOStuff->setMulti(Array, 1541219662)

#7 /var/www/html/includes/libs/objectcache/CachedBagOStuff.php(65): SqlBagOStuff->set('dev_mediawiki:M...', Array, 1541219662, 1)

#8 /var/www/html/includes/session/SessionBackend.php(738): CachedBagOStuff->set('dev_mediawiki:M...', Array, 1541219662, 1)

#9 /var/www/html/includes/session/SessionBackend.php(607): MediaWiki\Session\SessionBackend->save()

#10 /var/www/html/includes/session/SessionBackend.php(291): MediaWiki\Session\SessionBackend->autosave()

#11 /var/www/html/includes/session/Session.php(127): MediaWiki\Session\SessionBackend->persist()

#12 /var/www/html/includes/session/PHPSessionHandler.php(357): MediaWiki\Session\Session->persist()

#13 [internal function]: MediaWiki\Session\PHPSessionHandler->write('2a9beabc348b45c...', 'a:0:{}')

#14 /var/www/html/includes/session/SessionManager.php(470): session_write_close()

#15 [internal function]: MediaWiki\Session\SessionManager->shutdown()

#16 {main}

[DBConnection] Wikimedia\Rdbms\{closure}: closing connection to database 'mediawiki-db.dev.mydomain.com'.

[DBConnection] Wikimedia\Rdbms\{closure}: closing connection to database 'mediawiki-db.dev.mydomain.com'.

wfClientAcceptsGzip: client accepts gzip.

MediaWiki\OutputHandler::handleGzip() is compressing output

Please guide @Cindy.cicalese

Cindy.cicalese (talkcontribs)