SAML authentication - user mapping for nuxeo

Hi, I have installed Nuxeo and I am trying to configure SAML authentication for it. I have installed the SAML authentication addon and Web UI. I have configured the following at the IdP:

1. EntityID: https://<<domain>>/nuxeo/ui
2. AssertionConsumerService URL: https://<<domain>>/nuxeo/ui
3. SingleLogoutService URL: https://<<domain>>/nuxeo

In Nuxeo's config folder I have added the SAML authentication config file along with the user mapping config file. I followed the Okta sample given at: https://github.com/nuxeo/nuxeo/tree/master/modules/platform/login/nuxeo-platform-login-saml2/sample

I am able to authenticate the user, and the IdP also responds back with a SAML response. I even decoded the response and found it to contain the necessary information.

The landing page, https://<<domain>>/nuxeo/ui, responds with HTTP 403 (Forbidden) after authentication.

Kindly help. Thank you.


Baranidaran M What version of Nuxeo are you using? Do you see the user getting created in Nuxeo? You can check by logging in as an Administrator and looking at existing Users.
04/20/2021

Thanks for the response. I am using the LTS2021 version. The user is not getting created in Nuxeo. I got this exception in the log file:

ERROR [nuxeo-error-log] org.nuxeo.ecm.directory.DirectoryException: Missing id
at org.nuxeo.ecm.directory.sql.SQLSession.createEntry(SQLSession.java:193)
at org.nuxeo.ecm.directory.sql.SQLSession.createEntry(SQLSession.java:1131)
at org.nuxeo.ecm.platform.usermanager.UserManagerImpl.createUser(UserManagerImpl.java:1290)
04/20/2021

Looks like you have a duplicate question here: https://answers.nuxeo.com/general/q/c70c11e952d44a60bf2d1cac78d078a9/User-authentication-saml-https-server-nuxeo-ui-redirects-back-to-login-screen, so just to confirm, is the user being successfully created?
04/28/2021
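
The check below is an added example, not code from this thread or from Nuxeo: it decodes a base64 SAMLResponse and reports which identity fields (the NameID and the attributes a user mapping expects) are absent or empty, a useful first look when user creation fails with "Missing id" even though the response appears complete. Assumptions: the sample response and attribute names are constructed, the list of required attributes has to come from your own mapping file, and the script only inspects the XML (it does not validate signatures or decrypt assertions).

```python
import base64
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}

# Constructed sample response (not from the thread); attribute names are hypothetical.
SAMPLE_XML = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Assertion>
    <saml:Subject><saml:NameID>jdoe@example.com</saml:NameID></saml:Subject>
    <saml:AttributeStatement>
      <saml:Attribute Name="firstName"><saml:AttributeValue>Jane</saml:AttributeValue></saml:Attribute>
      <saml:Attribute Name="email"><saml:AttributeValue> </saml:AttributeValue></saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>"""
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode())


def extract_identity(saml_response_b64):
    """Return (name_id, {attribute: [non-empty values]}) from a base64 SAMLResponse."""
    # Diagnostic only: no signature validation, so never use this to make an auth decision.
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    name_id_el = root.find(".//saml:Subject/saml:NameID", NS)
    name_id = (name_id_el.text or "").strip() if name_id_el is not None else ""
    attrs = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        values = [(v.text or "").strip() for v in attr.findall("saml:AttributeValue", NS)]
        attrs[attr.get("Name")] = [v for v in values if v]
    return name_id, attrs


def missing_fields(saml_response_b64, required_attrs):
    """List the fields a mapping would find empty: 'NameID' and/or attribute names."""
    name_id, attrs = extract_identity(saml_response_b64)
    missing = [] if name_id else ["NameID"]
    missing += [a for a in required_attrs if not attrs.get(a)]
    return missing


if __name__ == "__main__":
    print(extract_identity(SAMPLE_B64))
    print(missing_fields(SAMPLE_B64, ["firstName", "email", "lastName"]))
```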