SAML module not starting up completely

0
We are using version 1.5 of the SAML 2.0 module in our app, which is on Mendix version 6.8.1. We have an issue with the SSO startup process. The module initially loads with no errors on the console or in the log file. We get a couple of entries in the log that indicate that the module was loaded, but that's it.

Our setup is that whenever a user hits our login page, it redirects them to our client's SSO login page, which then sends the response back to us. Things work fine in normal operating mode, but whenever the server is restarted and someone attempts to hit the site, they get a 404 for the SSO/ page. I have to log in to the page as mxadmin, go to the SAML module and click 'Save' on one of the pages. This "kick in the butt" causes this line in the log:

SAML_SSO: SAML SSO RequestHandler has been added to path 'SSO/'

From this point on, everything works just fine. Any subsequent calls will properly redirect the user to where they need to go. Any thoughts, anyone?
asked
2 answers
1

My guess is you forgot to trigger the After startup microflow that's in the SAML module's USE ME folder in your application start up microflow.

answered
1

If you are getting the message "SAML_SSO: SAML SSO RequestHandler has been added to path 'SSO/'", it does mean that the module starts. This is triggered from the after startup event.
As long as you don't see any errors in the SAML_SSO lognode after that you should be fine.

When the SAML module starts but you still get a 404 message, it is likely that your rewriter configuration is not set up correctly.

You need to make sure SSO/ is added as a url rewrite (keep in mind url can be case-sensitive, the module assumes upper case):
MxCloud: Open environment details -> Network Tab -> Request Handlers -> Add SSO (identical settings as /ws/)
Windows: https://world.mendix.com/display/howto50/Deploying+Mendix+on+Microsoft+Windows#DeployingMendixonMicrosoftWindows-4.4ConfiguringURLRewrite
Linux: https://github.com/mendix/m2ee-tools/blob/develop/doc/nginx.md

The default rewrite rules are only for webservice, rest, odata and deeplink (which are the most common). If you want logic (mf or Java) behind any other url you'd need to add that in the request handler configuration.

answered
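The rewrite check described in the second answer can be automated for an nginx front end. The following is an added example, not code from the thread or from Mendix: it models nginx location selection in simplified form (flat blocks, case-sensitive prefixes as on Linux) and reports whether a path such as SSO/ is forwarded to the runtime. The sample config, the backend address and all function names are assumptions made for illustration.

```python
import re

# Constructed sample config (not taken from the linked docs): the lowercase
# /sso/ block does not cover the upper-case SSO/ path the module registers.
SAMPLE_CONF = """
server {
    location /ws/ { proxy_pass http://127.0.0.1:8000; }
    location ~* ^/link/ { proxy_pass http://127.0.0.1:8000; }
    location /sso/ { proxy_pass http://127.0.0.1:8000; }
    location / { root /srv/app/web; }
}
"""

LOCATION = re.compile(r"location\s+(?:(=|\^~|~\*|~)\s+)?(\S+)\s*\{([^{}]*)\}")

def parse_locations(conf):
    """Return (modifier, pattern, proxied) for each flat location block."""
    return [(mod or "", pat, "proxy_pass" in body)
            for mod, pat, body in LOCATION.findall(conf)]

def select_location(locations, path):
    """Pick the block nginx would use for path (simplified selection rules)."""
    best = None
    for loc in locations:
        mod, pat, _ = loc
        if mod == "=" and path == pat:
            return loc                      # exact match wins immediately
        if mod in ("", "^~") and path.startswith(pat):
            if best is None or len(pat) > len(best[1]):
                best = loc                  # remember the longest prefix
    if best and best[0] == "^~":
        return best                         # ^~ suppresses the regex pass
    for loc in locations:
        mod, pat, _ = loc
        if mod == "~" and re.search(pat, path):
            return loc                      # case-sensitive regex
        if mod == "~*" and re.search(pat, path, re.IGNORECASE):
            return loc                      # case-insensitive regex
    return best

def is_forwarded(conf, path):
    """True if the selected block proxies the request to the runtime."""
    loc = select_location(parse_locations(conf), path)
    return bool(loc and loc[2])

if __name__ == "__main__":
    for p in ("/ws/Service", "/sso/", "/SSO/"):
        print(p, "forwarded" if is_forwarded(SAMPLE_CONF, p) else "NOT forwarded")
```

With the sample config, /SSO/ falls through to the static `location /` block, which is the 404 case; changing the block to `location /SSO/` makes the check pass.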