Using Moodle Mobile and SSO with CAS and SAML

Using Moodle Mobile and SSO with CAS and SAML

by Corey Wallis -
Number of replies: 4

Hi,

We have a client that is looking to use a Moodle instance with the Moodle Mobile local plugin, and the Moodle Mobile app. They need to use the SSO option of the local plugin, as they use CAS, as well as SAML as their authentication mechanisms for Moodle. 

Unfortunately the authentication doesn't work as intended. What happens is typically something like this:

  1. Open the Moodle Mobile app
  2. Enter the instance URL
  3. Be redirected to Moodle authentication form (in a browser window)
  4. Enter credentials into the CAS authentication form
  5. Be redirected back to the Moodle Mobile app
  6. Access a course
  7. Attempt to access an assignment
  8. Be redirected to the Moodle CAS authentication form (in an embedded browser window)
  9. Enter credentials into the CAS authentication form
  10. Tapping the 'login' button doesn't work
  11. Tap the 'Done' button in the bottom left hand corner of the embedded browser window
  12. See the Moodle Mobile app
  13. Try attempting to access the same assignment
  14. Be redirected to the Moodle SAML authentication form (in an embedded browser window)
  15. Enter credentials into the SAML authentication form
  16. Access the assignment in the embedded browser window

As you can see, accessing content that cannot be rendered in the Moodle Mobile app, such as an assignment, results in being prompted for the same authentication information twice. Once by the CAS authentication form, which appears to error as tapping the login button doesn't work. Followed by the SAML authentication plugin. 

Does anyone have any experience in debugging authentication issues like this? There are no errors reported in the server logs, and because I'm testing on the device I don't see any browser warnings or JavaScript related errors. 

I've also tried using the Moodle Mobile simulator, but nothing jumps out at me as being an issue. There certainly isn't anything printed to the console. 

Looking at the HTTP / HTTPS traffic between the device and Moodle instance also doesn't highlight any issues. 

Any thoughts on approaches to debugging this issue are very welcome. 

-Corey


Average of ratings: -
In reply to Corey Wallis

Re: Using Moodle Mobile and SSO with CAS and SAML

by Juan Leyva -
Picture of Core developers Picture of Moodle HQ Picture of Particularly helpful Moodlers Picture of Plugin developers Picture of Testers

Hi,

seems to be more a browser/embed browser issue that a bug in the code, are you client testing with ios and/or Android?

Average of ratings: -
In reply to Juan Leyva

Re: Using Moodle Mobile and SSO with CAS and SAML

by Corey Wallis -

Hi,

We've been testing predominantly with iOS. 

Interestingly I see similar behaviour using the Moodle Mobile simulator, but no error messages as far as I can see. 

-Corey

Average of ratings: -
In reply to Juan Leyva

Re: Using Moodle Mobile and SSO with CAS and SAML

by Corey Wallis -

Hi Juan,

Just a quick followup to this issue. 

We have predominately tested using iOS devices, namely an iPhone 5, and iPhone 4S, and an iPad MIni. Running both iOS 7 and iOS 8.

Do you have any further thoughts on any further steps we can undertake to investigate the issue, and hopefully find a resolution?

With thanks. 

-Corey

Average of ratings: -
In reply to Corey Wallis

Re: Using Moodle Mobile and SSO with CAS and SAML

by Juan Leyva -
Picture of Core developers Picture of Moodle HQ Picture of Particularly helpful Moodlers Picture of Plugin developers Picture of Testers

Hello Corey,

may I have a test user account for testing all the process in my devices? I know that sometimes is not easy to create an external user account due privacy issues but it will help a lot

Someone reported a similar issue here: https://tracker.moodle.org/browse/MOBILE-776 you may follow this issue (sign-up in the tracker and click "Watch this issue")

Cheers, Juan

Average of ratings: -