
I installed SimpleSAMLphp and created a SQL login source like this in authsources.php:

$config = array(
    'admin' => array(
        'core:AdminPassword',
    ),
    'myLogin-sql' => array(
        'sqlauth:SQL',
        'dsn' => 'mysql:host=localhost;port=3306;dbname=myDB',
        'username' => 'myUserName',
        'password' => 'myPasWord',
        'query' => '
            SELECT * FROM users 
            WHERE user_username = :username 
            AND user_code = (SELECT PASSWORD(:password)) 
            AND user_active=1',
    ),
);

Then I specified the Identification Provider in saml20-idp-hosted.php to use my source like this:

$metadata['__DYNAMIC:1__'] = array(
    'host' => '__DEFAULT__',
    'privatekey' => 'myWebiste.com.pem',
    'certificate' => 'myWebsite.com.crt',
    'auth' => 'myLogin-sql',
);

The query definitely works, so I know that is not the problem. Yet when I turn it on in sugarCRM, it says unable to find the binder:

SimpleSAML_Error_Error: UNHANDLEDEXCEPTION
Backtrace:
1 /home/public_html/sso/www/_include.php:37 (SimpleSAML_exception_handler)
0 [builtin] (N/A)
Caused by: Exception: Unable to find the current binding.
Backtrace:
2 /home/public_html/sso/vendor/simplesamlphp/saml2/src/SAML2/Binding.php:97 (SAML2_Binding::getCurrentBinding)
1 /home/public_html/sso/modules/saml/lib/IdP/SAML2.php:292 (sspmod_saml_IdP_SAML2::receiveAuthnRequest)
0 /home/public_html/sso/www/saml2/idp/SSOService.php:18 (N/A)

What am I doing wrong?

PS: You can try it using the link here

Bill Software Engineer
  • Something is wrong with your simpleSAMLphp settings. When I access the simpleSAMLphp authentication page [1], I don't see the 'myLogin-sql' that you described in your example, but a 'default-sp' instead. Are you using the same simpleSAMLphp instance as IdP and SP? [1] https://mdina.ca/sso/www/module.php/core/authenticate.php – smartin Aug 14 '15 at 15:09
  • What's the difference between IdP and SP? I thought I set up an IdP to connect to my local database, then sugarCRM can connect to that. What would SP do? – Bill Software Engineer Aug 14 '15 at 15:36
  • You deployed an IdP that is using the sugarCRM database as the authentication source. Now you need to enable an SP (to protect the sugarCRM), and connect this SP with the IdP. Read this similar case: https://github.com/pitbulk/tiki-saml/blob/master/doc/tiki_wiki_as_idp.rst – smartin Aug 14 '15 at 17:08
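
Added example, not part of the original post or comments and not SimpleSAMLphp's own code: the exception in the backtrace above is raised when the request reaching SSOService.php matches none of the SAML 2.0 bindings, which is what happens when no SP sends an AuthnRequest. The sketch below applies the bindings specification's rules to constructed requests; the function name and sample values are hypothetical.

```php
<?php
// Added diagnostic sketch; not SimpleSAMLphp's or the SAML2 library's code.
// Rules follow the SAML 2.0 bindings spec: which request shapes carry a message.

const SAML_BINDING_PREFIX = 'urn:oasis:names:tc:SAML:2.0:bindings:';

/**
 * Return the binding URN a request would be treated as, or null when the
 * request carries no SAML message at all.
 */
function detect_saml_binding(string $method, array $get, array $post, ?string $contentType): ?string
{
    $hasMessage = function (array $params): bool {
        return isset($params['SAMLRequest']) || isset($params['SAMLResponse']);
    };

    if ($method === 'GET') {
        if ($hasMessage($get)) {
            return SAML_BINDING_PREFIX . 'HTTP-Redirect';
        }
        if (isset($get['SAMLart'])) {
            return SAML_BINDING_PREFIX . 'HTTP-Artifact';
        }
    } elseif ($method === 'POST') {
        // Drop any "; charset=..." suffix before comparing.
        $type = $contentType === null ? null : trim(explode(';', $contentType)[0]);
        if ($hasMessage($post)) {
            return SAML_BINDING_PREFIX . 'HTTP-POST';
        }
        if (isset($post['SAMLart'])) {
            return SAML_BINDING_PREFIX . 'HTTP-Artifact';
        }
        if ($type === 'text/xml') {
            return SAML_BINDING_PREFIX . 'SOAP';
        }
    }
    return null; // nothing for the IdP endpoint to process
}

// Constructed sample requests (parameter values are placeholders).
$samples = [
    'bare GET to SSOService.php' => ['GET', [], [], null],
    'GET with SAMLRequest from an SP' => ['GET', ['SAMLRequest' => 'PLACEHOLDER', 'RelayState' => '/'], [], null],
    'form POST with SAMLRequest' => ['POST', [], ['SAMLRequest' => 'PLACEHOLDER'], 'application/x-www-form-urlencoded'],
];
foreach ($samples as $label => [$m, $g, $p, $ct]) {
    echo $label, ' => ', detect_saml_binding($m, $g, $p, $ct) ?? 'no binding found', PHP_EOL;
}
```

Only the first sample, a request with no SAML message, yields "no binding found"; the other two map to HTTP-Redirect and HTTP-POST.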
