Hi, I'm trying to set up a plone instance with SAML2 authentication
in a new Plone 4.3 production instance (with cache, load balancing,
apache front-end, all the enchilada). I've set up other SAML2 instances
in the past, but now I'm getting the showed bellow.
One suspicious thing I see is that the destination seem incorrect (it's https://myserver//VNC/acl_users/saml2sp/post, shoultdn't be https://myserver/acl_users/saml2sp/post
?). Something is trigering an error in dm/zope/saml2/browser/role.py:74,
since the destination is different from the url (btw, there seems to be
an error in zope.saml since SamlError doesn't exists).
I don't know how to fix it. ANy ideas?
2015-11-27T14:25:04 ERROR Zope.SiteErrorLog 1448630704.740.362998668326 https://portal.zimbra-vnc.de/VNC/acl_users/saml2sp/post
Traceback (innermost last):
Module ZPublisher.Publish, line 138, in publish
Module ZPublisher.mapply, line 77, in mapply
Module ZPublisher.Publish, line 48, in call_object
Module dm.zope.saml2.browser.role, line 47, in post
Module dm.zope.saml2.browser.role, line 74, in _process
-
traceback_info: <samlp:Response
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
ID="s20703863e1fffb6e603b8ee60f087301e8dfc3d83"
InResponseTo="_0b16fb56-cb20-4be0-b500-1676953efdde" Version="2.0"
IssueInstant="2015-11-27T13:25:04Z" Destination="https://portal.zimbra-vnc.de//VNC/acl_users/saml2sp/post"> [...]
</saml:Assertion></samlp:Response>
NameError: global name 'SamlError' is not defined