Question

OpenID with LemonLdap

  • 6 October 2022
  • 3 replies
  • 165 views

Badge +2

Hi Everybody,

I am a old user of centreon, after the 22.04 i use sso configuration with http_header and i now want to use with openid. 

I configured my lemonldap and after test, when i click on “connect with Openip” i go to my lemonldap and return on the login prompt.

Centreon-web.log is not very verbose 

[2022-10-06T17:12:40+0200] [INFO] [EventSubscriber\WebSSOEventSubscriber:188]: finding web-sso configuration
[2022-10-06T17:12:40+0200] [INFO] [Core\Application\Platform\UseCase\FindInstallationStatus\FindInstallationStatus:47]: check installation status of centreon web
[2022-10-06T17:12:40+0200] [DEBUG] [EventSubscriber\UpdateEventSubscriber:69]: Checking if route matches updates endpoint
[2022-10-06T17:12:40+0200] [INFO] [EventSubscriber\WebSSOEventSubscriber:188]: finding web-sso configuration
[2022-10-06T17:12:40+0200] [DEBUG] [EventSubscriber\UpdateEventSubscriber:69]: Checking if route matches updates endpoint
[2022-10-06T17:12:40+0200] [DEBUG] [EventSubscriber\UpdateEventSubscriber:69]: Checking if route matches updates endpoint
[2022-10-06T17:12:40+0200] [INFO] [EventSubscriber\WebSSOEventSubscriber:188]: finding web-sso configuration
[2022-10-06T17:12:40+0200] [NOTICE] [Security\Domain\Authentication\AuthenticationService:86]: [AUTHENTICATION SERVICE] token not found
[2022-10-06T17:12:40+0200] [DEBUG] [Core\Security\Infrastructure\Repository\DbWriteTokenRepository:56]: Deleting expired refresh tokens
[2022-10-06T17:12:40+0200] [INFO] [EventSubscriber\WebSSOEventSubscriber:188]: finding web-sso configuration
[2022-10-06T17:12:40+0200] [DEBUG] [Core\Security\Infrastructure\Repository\DbWriteTokenRepository:77]: Deleting expired tokens which are not linked to a refresh token

 

I tried differents configurations if you have an idea? i get it 

Thanks


3 replies

Userlevel 6
Badge +18

Hi @sebfuturo 

Your Centreon server need a proxy to connect to the IdP?

Do you have a firewall between the user and the Centreon server that can remove payload?

 

Badge +2

Hi @Laurent  

No he doesn’t need a proxy. I can’ remove my proxy because my computer and server is not in the same network.

Badge +2

Hi i find my problems.

First my apache configuration was wrong, and the attribut for my login/alias in centreon configuration for match mith my lemonldap is sub.

 

Reply