I'm struggling to get this to work, so I created a hello-world Rails application to try to get it working.
Here's a repo with code that doesn't work: https://github.com/pitosalas/shibtry
Here's what I did, starting with an empty Rails application:
I added two gems to the Gemfile:

    gem 'omniauth-shibboleth'
    gem 'rack-saml'

I got the shibboleth metadata from my university website and converted it using shib_conv.rb to the corresponding YAML: ./ config.yml
I updated the routes by adding get '/auth/:provider/callback', to: 'sessions#create'
I set a breakpoint in SessionController#create
I added initializers: omniauth.rb:

    Rails.application.config.middleware.use OmniAuth::Builder do
      provider :shibboleth, {
        :shib_session_id_field     => "Shib-Session-ID",
        :shib_application_id_field => "Shib-Application-ID",
        :debug                     => true,
        :extra_fields              => [
          :"unscoped-affiliation",
          :entitlement
        ]
      }
    end

I added the rack_sam.rb initializer:

    Rails.application.config.middleware.insert_after Rack::ETag, Rack::Saml,
      { :metadata => "#{Rails.root}/config/metadata.yml" }

Now start the server and go to http://0.0.0.0:3000/auth/shibboleth
and I get the error message:
undefined method `[]' for nil:NilClass
which can be traced back to line 13 of rack-saml/misc/onelogin_setting.rb:
settings.idp_sso_target_url = @metadata['saml2_http_redirect']
In other words, it is looking up this key in the metadata hash. As it happens, this key is present in my metadata.yml file, but by the time I get to line 13 of onelogin_setting.rb, @metadata is nil (it should contain the contents of the file), and therefore this key does not exist.
And that is where the trail runs dry for the moment.
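One way to check the symptom described above, as an added example that is not part of the original post or of the rack-saml code: it loads a metadata YAML file and reports whether `saml2_http_redirect` is found at the top level, only under a nested entry, or not at all. The sample file, its `idp_lists` wrapper key and the helper names `key_paths` and `preflight` are constructed for illustration.

```ruby
require "yaml"
require "tempfile"

# Return every path (list of keys/indexes) at which `key` occurs in nested YAML data.
def key_paths(node, key, path = [])
  case node
  when Hash
    node.flat_map do |k, v|
      here = k.to_s == key ? [path + [k]] : []
      here + key_paths(v, key, path + [k])
    end
  when Array
    node.each_with_index.flat_map { |v, i| key_paths(v, key, path + [i]) }
  else
    []
  end
end

# Load a metadata file and classify why a lookup of `key` would or would not work.
def preflight(file, key = "saml2_http_redirect")
  return [:missing_file, []] unless File.file?(file)   # wrong or relative path
  data = YAML.safe_load(File.read(file))
  return [:not_a_hash, []] unless data.is_a?(Hash)      # empty or malformed file
  paths = key_paths(data, key)
  return [:key_absent, []] if paths.empty?
  status = paths.any? { |p| p.length == 1 } ? :top_level : :nested_only
  [status, paths]
end

# Constructed sample (assumed layout): the key exists, but only under a per-IdP entry.
SAMPLE = <<~YAML
  idp_lists:
    https://idp.example.edu/idp/shibboleth:
      saml2_http_redirect: https://idp.example.edu/idp/profile/SAML2/Redirect/SSO
YAML

# Write the sample to a temporary file and run the check against it.
def demo
  Tempfile.create(["metadata", ".yml"]) do |f|
    f.write(SAMPLE)
    f.flush
    preflight(f.path)
  end
end

if __FILE__ == $PROGRAM_NAME
  status, paths = demo
  puts "#{status}: #{paths.map { |p| p.join(' -> ') }.join('; ')}"
end
```

Running `preflight` from a Rails console against the real file shows whether the file is found at the configured path and where the key actually sits in the parsed hash.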