Cant log in to mahara via sso

Cant log in to mahara via sso

Warren Bez -
Колькасьць адказаў: 21
Hi All

Very frustrated with this problem. I follow the PDF to the letter and get no warnings, keys are transferred all looks good, until i clcik on my Mahara link after logging into moodle. Then i get this error. I have tried deleting institutions, i have retried probably 8 times from scratch....using moodle 1.92 and tried Mahara 1.04 and 1.05 with no luck....

d

Any help would be greatly appreciated.

Warren
Сярэдняе рэйтынгаў: -
У адказ на Warren Bez

Re: Cant log in to mahara via sso

Nigel McNie -
Interesting... could you check the server error log and see what Mahara is saying in there? There will probably be an error message and a backtrace, which will be crucial to find out exactly what the problem is.

BTW, the server error log is whatever log apache is logging errors to for your Mahara setup.
Сярэдняе рэйтынгаў: -
У адказ на Nigel McNie

Re: Cant log in to mahara via sso

Warren Bez -
Hi Nigel

Thanks for the response, my mahara is on a hosted server, when i checked the error logs there there were only 2 entries about a 404 page. The error log inside the mahara folder says nothing.

Perhaps i am not looking in the correct place, sorry.
Сярэдняе рэйтынгаў: -
У адказ на Warren Bez

Re: Cant log in to mahara via sso

Nigel McNie -
Does you host use a Cpanel or other kind of control mechanism? Maybe you could check the error logs using that?
Сярэдняе рэйтынгаў: -
У адказ на Nigel McNie

Re: Cant log in to mahara via sso

Warren Bez -
Hi Nigel

Thanks for the Cpanel tip, looks like my host only logs a few events, here is what i get in the error log when click on moodle link:

[Sun Oct 12 10:10:32 2008] [error] [client 98.***.**.190] * AuthXmlrpc->request_user_authorise("18f9541ef3fc25ee01d5284d18d4c0eef09b2ee9", "http://moodle.brentwoodacademy.com") at /home/baeagles/public_html/mahara/auth/xmlrpc/land.php:94, referer: http://moodle.brentwoodacademy.com/
[Sun Oct 12 10:10:32 2008] [error] [client 98.***.**.190] * Client->send("http://moodle.brentwoodacademy.com") at /home/baeagles/public_html/mahara/auth/xmlrpc/lib.php:115, referer: http://moodle.brentwoodacademy.com/

I blocked out the ip numbers, not sure if you need that.

Not sure this helps.

Warren
Сярэдняе рэйтынгаў: -
У адказ на Warren Bez

Re: Cant log in to mahara via sso

Nigel McNie -
I've seen that before. On some hosts, Networking (a) doesn't work, and (b) leaves incomplete messages in the logs.

Sadly, I have no idea why this happens журбота

I've previously even got a shell on boxes with these problems to see if I could work out what the problem was, but to no avail. The only suggestion I could give you is to try hosting either your Mahara or both your Mahara and Moodle somewhere else, to see if the problem goes away or changes form.

Sorry I can't be more help журбота(((
Сярэдняе рэйтынгаў: -
У адказ на Warren Bez

Re: Cant log in to mahara via sso

Jonas Lagneryd -
Hi,
I am experiencing similar issues:
I have gone through every set-up step in the doc Mahoodle://Integrating Mahara with Moodle.

The Network Servers Block in Moodle creates this link: http://card.coop/mahara/auth/xmlrpc/land.php?token=dbb7297d0ae3e4e624772...

The url should be http://card.coop/en/

When inserting that part to the url like this
http://card.coop/mahara/auth/xmlrpc/land.php?token=dbb7297d0ae3e4e624772...

and surfing to it from Moodle I get this message:

::::::::::::::::::::::::::::::::
Sorry, could not log you in журбота
Sorry, we could not log you into Mahara at this time. Please try again shortly, and if the problem persists, contact your administrator

::::::::::::::::

Any ideas? Warren, have you had any progress yet?

I am using Moodle 1.9 + (Build: 20080416) and Mahara version 1.0.5 (2008040207), both on the same hosted VPS on Siteground.

Kind regards,
Jonas
Сярэдняе рэйтынгаў: -
У адказ на Warren Bez

Re: Cant log in to mahara via sso

Erika Prindle -
If you are running on two different servers, check to make sure the time is synched. A discrepancy as small as 196 seconds gave me the same error message.
Сярэдняе рэйтынгаў: -
У адказ на Erika Prindle

Re: Cant log in to mahara via sso

Julian Neaum -
Hi Erika

Thanks - I've been trying to get SSO to work for the past couple of hours and having followed the Mahoodle document rigorously, came to the forum and found your post.

My mahara server is just a desktop PC with Ubuntu Server and the two servers were 10 minutes out. I corrected this manually and hey presto! SSO worked.

I'm now installing NTP to get time automatically.

And I can leave the college this evening without this hanging over me.

Thanks again
Сярэдняе рэйтынгаў: -
У адказ на Warren Bez

Re: Cant log in to mahara via sso

Sergio Saez -
Hello, I have the same problem. I'm working with Moodle 1.9.3+ and Mahara 1.06. My sites are hosted in a shared server, with the same IP but different domains (mysite.com/moodle and misite.info/mahara). When I try to access Mahara from Moodle I get this error:

Forbidden

You don't have permission to access /mahara/auth/xmlrpc/land.php on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

The error log in the mahara site says:

[Fri Dec 05 09:43:40 2008] [error] [client 89.129.34.227] File does not exist: /home/******/public_html/403.shtml, referer: http://www.*******.com/moodle/


Any idea?

Сярэдняе рэйтынгаў: -
У адказ на Sergio Saez

Re: Cant log in to mahara via sso

Nigel McNie -
That sounds like the permissions on that files are incorrect - the file should have permissions 644. You can use the 'chmod' command to do this.
Сярэдняе рэйтынгаў: -
У адказ на Nigel McNie

Re: Cant log in to mahara via sso

Sergio Saez -
These are the permissions:
mahara dir: 755
auth dir: 755
xmlrpc dir: 755
land.php file: 644
Seems to be all right...

Сярэдняе рэйтынгаў: -
У адказ на Sergio Saez

Re: Cant log in to mahara via sso

Nigel McNie -
Yes they do seem ok, nevertheless the error message you're getting is apache claiming permission denied. Are you sure there's no htaccess rule or something else denying access to that script? Can you visit any other script in that directory? What about the parent directories?
Сярэдняе рэйтынгаў: -
У адказ на Nigel McNie

Re: Cant log in to mahara via sso

Sergio Saez -
No, there isn't any rule in htaccess denying permission.
Yes, I can visit the rest of files in that directory.
Not only that, if I directly point my browser to http://www.mysite.info/mahara/auth/xmlrpc/land.php I access mahara, but I get the message:

Mahara: Invalid Parameter

A required parameter is missing or malformed

Missing parameter 'token' and no default supplied

Odd, isn't it?
Сярэдняе рэйтынгаў: -
У адказ на Sergio Saez

Re: Cant log in to mahara via sso

Nigel McNie -
Hi Sergio,

I finally got around too looking at your problem in more detail. It seems that your host has mod_security enabled, which gets angry any time a URL parameter has 'http://' in it. For example, your Moodle login page shows the same problem if you give it a URL like http://www.aulacritica.com/plataforma/login/index.php?foo=http://

There's no workaround for this other than to either configure mod_security to allow http parameters for the mnet land.php scripts, or to shut it off completely - neither of which you're likely to be able to do if you're on shared hosting. But you could raise a ticket with your host and see what they say.
Сярэдняе рэйтынгаў: -
У адказ на Nigel McNie

Re: Cant log in to mahara via sso

Sergio Saez -
As long as I can see, mod_security doesn't seem to be enabled in my server. I tried to disable it with .htaccess (I learned that it's possible in some forums), but when I do that, I get this message in the error log:

[Fri Dec 19 11:19:15 2008] [alert] [client 89.129.40.49] /home/aulaainf/public_html/.htaccess: Invalid command 'SecFilterEngine', perhaps misspelled or defined by a module not included in the server configuration, referer: http://www.aulacritica.com/plataforma/

Besides, in http://www.aulacritica.info/phpinfo.php you can see that this module is not loaded...

Сярэдняе рэйтынгаў: -
У адказ на Sergio Saez

Re: Cant log in to mahara via sso

Nigel McNie -
mod_security is an apache module, not a php one. It might reveal itself through the apache server signature but it might not (for security reasons? wink).

I would be surprised if your host would allow you to override the use of mod_security, but maybe they would. Also, this behaviour might be happening as a result of some other apache module, not mod_security. I guess you will find out when you ask your host.
Сярэдняе рэйтынгаў: -
У адказ на Nigel McNie

Re: Cant log in to mahara via sso

Sergio Saez -
Ok, thank you Nigel. I'll try to contact my host, to solve it.

Sergio

Сярэдняе рэйтынгаў: -