What's wrong with response from ADFS?

by Marek Hanacek -

Hi,

I have configured ADFS, and when I click on the Login via SAML2 link, I GET data to ADFS and get a POST back, but it shows this error:

SAML2 exception: Responder
Debug info: #0 [dirroot]/auth/saml2/extlib/simplesamlphp/modules/saml/lib/Message.php(554): sspmod_saml_Message::getResponseError(Object(SAML2\Response))
#1 [dirroot]/auth/saml2/extlib/simplesamlphp/modules/saml/www/sp/saml2-acs.php(129): sspmod_saml_Message::processResponse(Object(SimpleSAML_Configuration), Object(SimpleSAML_Configuration), Object(SAML2\Response))
#2 [dirroot]/auth/saml2/sp/saml2-acs.php(32): require('[dirroot]...')
#3 {main}
Error code: exception
Stack trace:
line 34 of /auth/saml2/sp/saml2-acs.php: saml2_exception thrown

It shows on a page like https://vzdelavanie.mayusko.sk/auth/saml2/sp/saml2-acs.php/vzdelavanie.mayusko.sk
Firefox add-on SAML-tracer: HTTP/1.1 404 Not Found
In simplesamlphp.log there is only debug output with the samlp:Response content

Tried https://vzdelavanie.mayusko.sk/auth/saml2/test.php
ispassivetest: Passive test worked, but not logged in
login: same result as above

What could be wrong? The ADFS was set up by the company itself; I have only received the federation metadata.

In reply to Marek Hanacek

Re: What's wrong with response from ADFS?

by Marek Hanacek -
SOLVED!

To get a detailed error, edit /var/www/totara/auth/saml2/sp/saml2-acs.php and comment out

//throw new saml2_exception($e->getMessage(), $e->getTraceAsString());

and write there

echo "<pre>";
print_r($e);
echo "</pre>";

You will get the whole exception; in my case the problem was with the NameIDPolicy, privatekey and certificate values.
I needed to reconfigure ADFS, not the Moodle/Totara SAML2 plugin, to get it to work.
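
The "Responder" in the error is the top-level SAML status code, and the more specific reason sits in the nested StatusCode of the samlp:Response that the first post says is already in simplesamlphp.log. The following is an added example, not part of the original posts or the plugin's code, that reads that status chain without editing saml2-acs.php; the function name and the sample Response are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
NS = {"samlp": SAMLP}
STATUS_PREFIX = "urn:oasis:names:tc:SAML:2.0:status:"

# Constructed sample: a failed Response with a second-level status code.
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    ID="_constructed" Version="2.0" IssueInstant="2000-01-01T00:00:00Z">
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder">
      <samlp:StatusCode
          Value="urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy"/>
    </samlp:StatusCode>
  </samlp:Status>
</samlp:Response>"""


def saml_status(response):
    """Return the status code chain and message of a samlp:Response.

    Accepts the XML text (as logged or shown by SAML-tracer) or the
    base64 SAMLResponse form value from the HTTP-POST binding.
    """
    text = response.strip()
    if not text.startswith("<"):
        text = base64.b64decode(text).decode("utf-8")
    if "<!DOCTYPE" in text:
        # SAML messages never need a DTD; refuse entity tricks outright.
        raise ValueError("DTD not allowed in a SAML message")
    root = ET.fromstring(text)
    if root.tag != "{%s}Response" % SAMLP:
        raise ValueError("not a samlp:Response")
    status = root.find("samlp:Status", NS)
    if status is None:
        raise ValueError("Response has no samlp:Status")
    codes = []
    node = status.find("samlp:StatusCode", NS)
    while node is not None:  # walk top-level code, then nested sub-codes
        value = node.get("Value", "")
        if value.startswith(STATUS_PREFIX):
            value = value[len(STATUS_PREFIX):]
        codes.append(value)
        node = node.find("samlp:StatusCode", NS)
    message = status.findtext("samlp:StatusMessage", default="", namespaces=NS)
    return {"codes": codes, "message": message.strip(),
            "success": codes[:1] == ["Success"]}


if __name__ == "__main__":
    print(saml_status(SAMPLE))
```
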