Integrate SSO with CAS via SAML2

Suggestions on Community Server Installation/Functionality
Post Reply
tranthoang.vn
Posts: 1
Joined: Tue Mar 10, 2020 3:42 am

Integrate SSO with CAS via SAML2

Post by tranthoang.vn » Tue Mar 10, 2020 4:37 am

I had problem when integrate with CAS via SAML2. We had completed Flow in CAS and redirected to callback link "https://onlyoffice.inetcloud.vn/sso/slo/callback" but when post SAMLResponse has "Internal error"
Callback:

SAMLReponse:
SAMLResponse: PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPHNhbWwycDpSZXNwb25zZSBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9vbmx5b2ZmaWNlLmluZXRjbG91ZC52bi9zc28vYWNzIiBJRD0iXzg1MDAxMTQ5NTI1NzI3MTI5NiIgSW5SZXNwb25zZVRvPSJfNjA4NDBjZWUtZjNhMy00YTZiLTk5NGItYmM2MWQzMmY4ZDE1IiBJc3N1ZUluc3RhbnQ9IjIwMjAtMDMtMTBUMDQ6Mjc6MjkuODY0WiIgVmVyc2lvbj0iMi4wIiB4bWxuczpzYW1sMnA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCI+PHNhbWwyOklzc3VlciBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpuYW1laWQtZm9ybWF0OmVudGl0eSIgeG1sbnM6c2FtbDI9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPmh0dHBzOi8vdzE3OC5pbmV0Y2xvdWQudm4vY2FzL2lkcDwvc2FtbDI6SXNzdWVyPjxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPgo8ZHM6U2lnbmVkSW5mbz4KPGRzOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz4KPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPgo8ZHM6UmVmZXJlbmNlIFVSST0iI184NTAwMTE0OTUyNTcyNzEyOTYiPgo8ZHM6VHJhbnNmb3Jtcz4KPGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+CjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz4KPC9kczpUcmFuc2Zvcm1zPgo8ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz4KPGRzOkRpZ2VzdFZhbHVlPk51WDl6RU9nazl5K29DSXpEMEhlVDgycE1Vcz08L2RzOkRpZ2VzdFZhbHVlPgo8L2RzOlJlZmVyZW5jZT4KPC9kczpTaWduZWRJbmZvPgo8ZHM6U2lnbmF0dXJlVmFsdWU+Cm9WL3JZMFRVcnFISzVUQjNjVFBiaERWemZZRFlucWtwSUxBZXFvSzZDMnFhYlZ2SFZLd0c3S3FYNmIvSDNKYnBFV1A0eTNRZ1M2THYmI3hkOwoySENXS0VtOHljU2wyWDU5K2NyTFM3Q2s1OG5FTVVGTjNlSXJXbHBQK0VCUWJkQVdwQTQwZlBpSTVxTmwzWmNsZGJnM3lwRmkvRXlDJiN4ZDsKeGF3N0FBblpnN21jbmZjTmlyaFpzWkM1UHNUVkVzeXdoNm1OSE5KVHRGVmpGU2FRSXBzL2hXYlZ0d1dtamdSOFNUSmliSC9yVVdCNSYjeGQ7Ckx2NWJvci9JMnlrZnVQSlNpcnhlckJ2T0xyNUZVQjduT3hoNFBTU01wT2V0K2NuZUdOUXhYK1BYSUpYZjRoMjJIaTB4Q05RZjFOYWUmI3hkOwo2UjBrOXpERHJHL0VpV1U2SlFpeEFIUldkNFdmV1RaZlZlSEptUT09CjwvZHM6U2lnbmF0dXJlVmFsdWU+CjxkczpLZXlJbmZvPjxkczpYNTA5RGF0YT48ZHM6WDUwOUNlcnRpZmljYXRlPk1JSURKakNDQWc2Z0F3SUJBZ0lWQUtGN1gyVWZENkVSWTRtL2tvbUZsOFZSeW96eU1BMEdDU3FHU0liM0RRRUJDd1VBTUJ3eEdqQVkKQmdOVkJBTU1FWGN4TnpndWFXNWxkR05zYjNWa0xuWnVNQjRYRFRJd01ETXdPVEExTlRjMU5Wb1hEVFF3TURNd09UQTFOVGMxTlZvdwpIREVhTUJnR0ExVUVBd3dSZHpFM09DNXBibVYwWTJ4dmRXUXVkbTR3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLCkFvSUJBUUNxb2dMK0ltbklPaE10bkJLM0YxU2pNN2xpeDVZdit5bzZpeXFSS2x4cmg3THpRTmY0VC80SXM0c1g1KzhxSmVXS0NnSUYKdFZJSTFHOE5zYWY1N2YrbTZhTjNNWWQ5RVNkblFPMGhFcnhHK0hxSmRUV2FoSFZTL29zbjZDcFFUeis4enljckJaaGNNN1FaQWFFVwo4aGFqTVdxeXF3WHZTbmwwYmYrUDFYaDU4Qk5Bb2ZOWTlBVkxzTGxUbUk0Qk9PYkRnWTZCMVBoWDZ4Um5lSnF2LzNaNDN4YUpiL2lZCjBLSENuVDdDOHowSENIbGJ2VC96SHlGaFFFUkRzaUlzQXduUHU4NUN5bVNocnFwN0orZUk1U0dwWXNwVmdxcWIxdE1hSkdubm5zVWYKNjVTclo2RjdLUys5RWpvWVNRYkZEUWt2UU5STlM4NS91dGtnNVlzQ0dGQjdBZ01CQUFHalh6QmRNQjBHQTFVZERnUVdCQlNxNTRXVgo0cjNYajV6dldEZmVoTXVIaGZhN0ZEQThCZ05WSFJFRU5UQXpnaEYzTVRjNExtbHVaWFJqYkc5MVpDNTJib1llZHpFM09DNXBibVYwClkyeHZkV1F1ZG00dmFXUndMMjFsZEdGa1lYUmhNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUJBUUJtMml4WENSM0dwZDNTcVJMUDRkWk4KQXVrNmN3L3B4cFVBc0V4MnFSVnpnZzRIUzNGeHljZEQ2L3NTYXpvTlBKU01XWlZMMDNIR0x0dW1GWkx1czVZOXd6aThNQTlRL2FLNwp5T1FURWdqRjZoQmFnN2pEUGVLbUVYeFNNcDdDdUg1THphbW40eWZZT2FxM3FSQjRuSDViblFvS1Jod2t0eDRLMm9WQWQ0OStIRGxuCjB0ZlNFS0NzTnZkNDZCWk9hTFF6ekVEOVh1OWNyYTZSRTRGSytNYWV1M2l5WUsraVFmU2FHN2E2aHM4TFpmcVlpRFE0TzNkeGRLS1YKWTZNbVV3TXJiR0UrZFlsdUh5eHlxTHlIVHlwSklxdkdTMVIwUTFmSG9LdVdpTCsyU2wwM3JrcmVnZ0dyd1E0bXV3ZWRLbDN0a1FjdgpISE5CTXFRNnpvT3dnanMrPC9kczpYNTA5Q2VydGlmaWNhdGU+PC9kczpYNTA5RGF0YT48L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+PHNhbWwycDpTdGF0dXMgeG1sbnM6c2FtbDJwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiPjxzYW1sMnA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1sMnA6U3RhdHVzPjxzYW1sMjpBc3NlcnRpb24gSUQ9Il8xNDMzOTkyMjcxNzg3NDEwNDMyIiBJc3N1ZUluc3RhbnQ9IjIwMjAtMDMtMTBUMDQ6Mjc6MjkuODYxWiIgVmVyc2lvbj0iMi4wIiB4bWxuczpzYW1sMj0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI+PHNhbWwyOklzc3Vlcj5odHRwczovL3cxNzguaW5ldGNsb3VkLnZuL2Nhcy9pZHA8L3NhbWwyOklzc3Vlcj48c2FtbDI6U3ViamVjdD48c2FtbDI6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6dHJhbnNpZW50IiBOYW1lUXVhbGlmaWVyPSJodHRwczovL29ubHlvZmZpY2UuaW5ldGNsb3VkLnZuL3Nzby9tZXRhZGF0YSIgU1BOYW1lUXVhbGlmaWVyPSJodHRwczovL29ubHlvZmZpY2UuaW5ldGNsb3VkLnZuL3Nzby9tZXRhZGF0YSI+Vzd1VGxpWlZ2eTV6cHp5SHNkM2w0ekU2RWVRPTwvc2FtbDI6TmFtZUlEPjxzYW1sMjpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+PHNhbWwyOlN1YmplY3RDb25maXJtYXRpb25EYXRhIEluUmVzcG9uc2VUbz0iXzYwODQwY2VlLWYzYTMtNGE2Yi05OTRiLWJjNjFkMzJmOGQxNSIgTm90T25PckFmdGVyPSIyMDIwLTAzLTEwVDA0OjI3OjQ0Ljg1M1oiIFJlY2lwaWVudD0iaHR0cHM6Ly9vbmx5b2ZmaWNlLmluZXRjbG91ZC52bi9zc28vYWNzIi8+PC9zYW1sMjpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDI6U3ViamVjdD48c2FtbDI6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMjAtMDMtMTBUMDQ6Mjc6MTQuODYzWiIgTm90T25PckFmdGVyPSIyMDIwLTAzLTEwVDA0OjI3OjQ0Ljg2M1oiPjxzYW1sMjpBdWRpZW5jZVJlc3RyaWN0aW9uPjxzYW1sMjpBdWRpZW5jZT5odHRwczovL29ubHlvZmZpY2UuaW5ldGNsb3VkLnZuL3Nzby9tZXRhZGF0YTwvc2FtbDI6QXVkaWVuY2U+PC9zYW1sMjpBdWRpZW5jZVJlc3RyaWN0aW9uPjwvc2FtbDI6Q29uZGl0aW9ucz48c2FtbDI6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDIwLTAzLTEwVDA0OjI3OjI5Ljg1M1oiIFNlc3Npb25JbmRleD0iU1QtMy1RQkNCUU84NlBNNS1LQmR5cEZMcERPeWdHWUEtbG9jMC1pbi1mMTc4Ij48c2FtbDI6U3ViamVjdExvY2FsaXR5IEFkZHJlc3M9IjE3Mi4xNi4xLjIwIi8+PHNhbWwyOkF1dGhuQ29udGV4dD48c2FtbDI6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmRQcm90ZWN0ZWRUcmFuc3BvcnQ8L3NhbWwyOkF1dGhuQ29udGV4dENsYXNzUmVmPjwvc2FtbDI6QXV0aG5Db250ZXh0Pjwvc2FtbDI6QXV0aG5TdGF0ZW1lbnQ+PHNhbWwyOkF0dHJpYnV0ZVN0YXRlbWVudD48c2FtbDI6QXR0cmlidXRlIEZyaWVuZGx5TmFtZT0iY3JlZGVudGlhbFR5cGUiIE5hbWU9ImNyZWRlbnRpYWxUeXBlIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OnVyaSI+PHNhbWwyOkF0dHJpYnV0ZVZhbHVlPlVzZXJuYW1lUGFzc3dvcmRDcmVkZW50aWFsPC9zYW1sMjpBdHRyaWJ1dGVWYWx1ZT48L3NhbWwyOkF0dHJpYnV0ZT48c2FtbDI6QXR0cmlidXRlIEZyaWVuZGx5TmFtZT0iaXNGcm9tTmV3TG9naW4iIE5hbWU9ImlzRnJvbU5ld0xvZ2luIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OnVyaSI+PHNhbWwyOkF0dHJpYnV0ZVZhbHVlPmZhbHNlPC9zYW1sMjpBdHRyaWJ1dGVWYWx1ZT48L3NhbWwyOkF0dHJpYnV0ZT48c2FtbDI6QXR0cmlidXRlIEZyaWVuZGx5TmFtZT0iYXV0aGVudGljYXRpb25EYXRlIiBOYW1lPSJhdXRoZW50aWNhdGlvbkRhdGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6dXJpIj48c2FtbDI6QXR0cmlidXRlVmFsdWU+MjAyMC0wMy0xMFQwMzoyNTowMS4yMTMxMThaPC9zYW1sMjpBdHRyaWJ1dGVWYWx1ZT48L3NhbWwyOkF0dHJpYnV0ZT48c2FtbDI6QXR0cmlidXRlIEZyaWVuZGx5TmFtZT0iYXV0aGVudGljYXRpb25NZXRob2QiIE5hbWU9ImF1dGhlbnRpY2F0aW9uTWV0aG9kIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OnVyaSI+PHNhbWwyOkF0dHJpYnV0ZVZhbHVlPkxkYXBBdXRoZW50aWNhdGlvbkhhbmRsZXI8L3NhbWwyOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDI6QXR0cmlidXRlPjxzYW1sMjpBdHRyaWJ1dGUgRnJpZW5kbHlOYW1lPSJzdWNjZXNzZnVsQXV0aGVudGljYXRpb25IYW5kbGVycyIgTmFtZT0ic3VjY2Vzc2Z1bEF1dGhlbnRpY2F0aW9uSGFuZGxlcnMiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6dXJpIj48c2FtbDI6QXR0cmlidXRlVmFsdWU+TGRhcEF1dGhlbnRpY2F0aW9uSGFuZGxlcjwvc2FtbDI6QXR0cmlidXRlVmFsdWU+PC9zYW1sMjpBdHRyaWJ1dGU+PHNhbWwyOkF0dHJpYnV0ZSBGcmllbmRseU5hbWU9ImxvbmdUZXJtQXV0aGVudGljYXRpb25SZXF1ZXN0VG9rZW5Vc2VkIiBOYW1lPSJsb25nVGVybUF1dGhlbnRpY2F0aW9uUmVxdWVzdFRva2VuVXNlZCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDp1cmkiPjxzYW1sMjpBdHRyaWJ1dGVWYWx1ZT5mYWxzZTwvc2FtbDI6QXR0cmlidXRlVmFsdWU+PC9zYW1sMjpBdHRyaWJ1dGU+PC9zYW1sMjpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PC9zYW1sMjpBc3NlcnRpb24+PC9zYW1sMnA6UmVzcG9uc2U+
SSO/metadata: https://onlyoffice.inetcloud.vn/sso/metadata
p/s: Has we support SSO via CAS ? and where can I get log error in this action in system ?
Attachments
Screen Shot 2020-03-10 at 11.37.32.png
Screen Shot 2020-03-10 at 11.37.32.png (255.02 KiB) Viewed 505 times
Screen Shot 2020-03-10 at 10.52.03.png
Internal Error
Screen Shot 2020-03-10 at 10.52.03.png (82.95 KiB) Viewed 505 times

Carl
Posts: 396
Joined: Thu Apr 12, 2018 10:00 am

Re: Integrate SSO with CAS via SAML2

Post by Carl » Mon Mar 16, 2020 10:14 am

Hello tranthoang.vn,

We officially support only the following SSO IdP's:
ADFS https://helpcenter.onlyoffice.com/serve ... -adfs.aspx
OneLogin https://helpcenter.onlyoffice.com/serve ... login.aspx
Shibboleth https://helpcenter.onlyoffice.com/serve ... oleth.aspx

We haven't tested the ONLYOFFICE SSO functionality with with CAS so we cannot guarantee the correct work. You can check the logs CommunityServer\logs\web.log and ControlPanel\logs\web.sso.log for error entries.

Post Reply