Moodle/Mahara SSO integration not working :(

Moodle/Mahara SSO integration not working :(

by Craig Douglas -
Number of replies: 6
I followed the Mahoodle pdf document to the letter, everything was looking good until I tested, then i get:

"Sorry could not log you in sad"

I've done some searching but thats not helped much and a few people seem to be in a similar situation to me, albeit they don't seem to have access to their apache logs like I do:

[Wed Aug 05 09:52:49 2009] [error] [client 172.16.0.168] PHP Warning: htmlspecialchars(): Invalid multibyte sequence in argument in C:\\wwwroot\\lib\\errors.php on line 306
[Wed Aug 05 09:52:49 2009] [error] [client 172.16.0.168] PHP Warning: htmlspecialchars(): Invalid multibyte sequence in argument in C:\\wwwroot\\lib\\errors.php on line 306
[Wed Aug 05 09:52:49 2009] [error] [client 172.16.0.168] [WAR] 17 (C:\\wwwroot\\api\\xmlrpc\\lib.php:884) openssl_open(): unable to coerce parameter 4 into a private key
[Wed Aug 05 09:52:49 2009] [error] [client 172.16.0.168] Call stack (most recent first):
[Wed Aug 05 09:52:49 2009] [error] [client 172.16.0.168] * log_message("openssl_open(): unable to coerce parameter 4 into ...", 8, true, true, "C:\\wwwroot\\api\\xmlrpc\\lib.php", 884) at C:\\wwwroot\\lib\\errors.php:378
[Wed Aug 05 09:52:49 2009] [error] [client 172.16.0.168] * error(2, "openssl_open(): unable to coerce parameter 4 into ...", "C:\\wwwroot\\api\\xmlrpc\\lib.php", 884, array(size 4)) at Unknown:0
[Wed Aug 05 09:52:49 2009] [error] [client 172.16.0.168] * openssl_open("\xe9Y@\xcd\xbes\xe0\xe5\xab5#]\xaa{i\xb2G\xaf\xdfTt\xee8\x1b<Z\x98\x10/\xc7\xb7Ek\xefsy\xa1\xeeV\xc2/\xee+\xaa\xf8uV2\x96J...", "", "\x87\x81\x83S$\x12\xd1\xe2\xf4\xc44\xdc\x12\xcf8\x03<\xd4\xdf\x89\x95\xba\xde\xcb\x11\xd1\x90\xc0\xf8\xe5
[Wed Aug 05 09:52:49 2009] [error] [client 172.16.0.168] \x16\x88\\\xf7x\xb7`\xc3\x91m\xfa\x9d\xb1\xe5E-\x83\xda\x97...", false) at C:\\wwwroot\\api\\xmlrpc\\lib.php:884
[Wed Aug 05 09:52:49 2009] [error] [client 172.16.0.168] * OpenSslRepo->openssl_open("\xe9Y@\xcd\xbes\xe0\xe5\xab5#]\xaa{i\xb2G\xaf\xdfTt\xee8\x1b<Z\x98\x10/\xc7\xb7Ek\xefsy\xa1\xeeV\xc2/\xee+\xaa\xf8uV2\x96J...", "\x87\x81\x83S$\x12\xd1\xe2\xf4\xc44\xdc\x12\xcf8\x03<\xd4\xdf\x89\x95\xba\xde\xcb\x11\xd1\x90\xc0\xf8\xe5
[Wed Aug 05 09:52:49 2009] [error] [client 172.16.0.168] \x16\x88\\\xf7x\xb7`\xc3\x91m\xfa\x9d\xb1\xe5E-\x83\xda\x97...", false) at C:\\wwwroot\\api\\xmlrpc\\lib.php:621
[Wed Aug 05 09:52:49 2009] [error] [client 172.16.0.168] * xmlenc_envelope_strip(object(SimpleXMLElement)) at C:\\wwwroot\\api\\xmlrpc\\server.php:106
[Wed Aug 05 09:52:49 2009] [error] [client 172.16.0.168]
[Wed Aug 05 09:52:49 2009] [error] [client 172.16.0.168] PHP Warning: htmlspecialchars(): Invalid multibyte sequence in argument in C:\\wwwroot\\lib\\errors.php on line 306
[Wed Aug 05 09:52:49 2009] [error] [client 172.16.0.168] [WAR] 17 (C:\\wwwroot\\api\\xmlrpc\\lib.php:892) Undefined index: keypair_PEM
[Wed Aug 05 09:52:49 2009] [error] [client 172.16.0.168] Call stack (most recent first):
[Wed Aug 05 09:52:49 2009] [error] [client 172.16.0.168] * log_message("Undefined index: keypair_PEM", 8, true, true, "C:\\wwwroot\\api\\xmlrpc\\lib.php", 892) at C:\\wwwroot\\lib\\errors.php:378
[Wed Aug 05 09:52:49 2009] [error] [client 172.16.0.168] * error(8, "Undefined index: keypair_PEM", "C:\\wwwroot\\api\\xmlrpc\\lib.php", 892, array(size 7)) at C:\\wwwroot\\api\\xmlrpc\\lib.php:892
[Wed Aug 05 09:52:49 2009] [error] [client 172.16.0.168] * OpenSslRepo->openssl_open("\xe9Y@\xcd\xbes\xe0\xe5\xab5#]\xaa{i\xb2G\xaf\xdfTt\xee8\x1b<Z\x98\x10/\xc7\xb7Ek\xefsy\xa1\xeeV\xc2/\xee+\xaa\xf8uV2\x96J...", "\x87\x81\x83S$\x12\xd1\xe2\xf4\xc44\xdc\x12\xcf8\x03<\xd4\xdf\x89\x95\xba\xde\xcb\x11\xd1\x90\xc0\xf8\xe5
[Wed Aug 05 09:52:49 2009] [error] [client 172.16.0.168] \x16\x88\\\xf7x\xb7`\xc3\x91m\xfa\x9d\xb1\xe5E-\x83\xda\x97...", false) at C:\\wwwroot\\api\\xmlrpc\\lib.php:621
[Wed Aug 05 09:52:49 2009] [error] [client 172.16.0.168] * xmlenc_envelope_strip(object(SimpleXMLElement)) at C:\\wwwroot\\api\\xmlrpc\\server.php:106


Then it just repeats that many times. 172.16.0.168 is our Moodle server and these are the apache logs on the Mahara server.


On the page that says it couldn't log me in, the url is:

http://mahara.leggott.ac.uk/auth/xmlrpc/land.php?token=98cf5786d530cebc98fe872095fea546bd3bf1a6&idp=http://moodle.leggott.ac.uk&wantsurl=

Not sure if the bit at the end is a clue?

Moodle version: Moodle 1.9.4+ (Build: 20090506)
Mahara version: 1.1.5 (2009022614)

Thanks,
Craig
Average of ratings: -
In reply to Craig Douglas

Re: Moodle/Mahara SSO integration not working :(

by Howard Miller -
Picture of Core developers Picture of Documentation writers Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers
Check your keys are valid and up to date in both Moodle and Mahara. Run Moodle with Debugging on as additional checks of the xmlrpc communications are made.

I would run the newest version of Moodle you possibly can as there have been a steady stream of fixes and improvements to the mnet code.

Are you running on Windows? If you are have you *definitely* got all the ssl stuff installed properly? I don't know the details but there's more to it than just enabling the PHP modules.
Average of ratings: -
In reply to Howard Miller

Re: Moodle/Mahara SSO integration not working :(

by Craig Douglas -
Yes I have, I had to change some of the core code on both Moodle and Mahara that I found by searching to get the keys to display and all the SSL stuff is now working as far as I can tell. Initially no keys were displayed at all, made the changes, the keys were displayed, followed the instructions and mahara pulled the key through from moodle so surely that's proof that the openssl is working?

I went through all the instructions with no errors at all.

Turning Debugging on made no difference as it's a mahara page that gets displayed.

If I simply delete my key on moodle, should that propogate the new key to mahara automatically or do I need to enter the new key in somewhere?
Average of ratings: -
In reply to Craig Douglas

Re: Moodle/Mahara SSO integration not working :(

by Howard Miller -
Picture of Core developers Picture of Documentation writers Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers
I think Moodle actually has slightly better debugging than Mahara so it might be worth going through the motions in Moodle with debugging on - just in case.

Simply deleting the key in Moodle via the UI option should do the trick if that is the problem. It's not so simple in Mahara - you have to delete both the key and the expiry time (I forget the actual names) from the config database table directly. It will regenerate them when it sees they are missing.

I have no idea if Mahara is, strictly speaking, supported on Windows.

EDIT:
In case you haven't, I would certainly post your problems over at mahara.org. Nigel and the other guys there really know their stuff smile
Average of ratings: -
In reply to Howard Miller

Re: Moodle/Mahara SSO integration not working :(

by Craig Douglas -
I've checked and the keys are identical so I don't think there is any need to change them.

I know it isn't fully supported on windows, but everything I've done so far has worked ok and I'm sure the errors above from apache must mean something to someone a little more familiar with this.
Average of ratings: -
In reply to Craig Douglas

Re: Moodle/Mahara SSO integration not working :(

by Howard Miller -
Picture of Core developers Picture of Documentation writers Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers
The only thing I have left is that it appears to be a problem picking up the openssl_history. This is stored in the 'config' table in mahara. It's serialised, but if the value is empty it gets regenerated.

It might be worth blasting that value, and all the keys just in case that has got corrupted at some point. Mahara doesn't verify the openssl_history data it just unserialises it and uses it to open the ssl data (where it's going wrong)
Average of ratings: -
In reply to Howard Miller

Re: Moodle/Mahara SSO integration not working :(

by Craig Douglas -
I tried deleting the entry in openssl_history but then it said "Site unavailable" when I tried again so I've put the value back in and it's back to the same problem as before. The value that is in openssl_history is:

a:6:{i:0;a:0:{}i:1;a:0:{}i:2;a:0:{}i:3;a:0:{}i:4;a:0:{}i:5;a:0:{}}

If that helps at all?
Average of ratings: -