Hi,
I am trying to authenticate users with SAML.
My identity provider is Azure Entra ID.
I am able to authenticate to Azure and then I am redirected to Centreon, where I get this error on the UI :
“An error occurred during authentication”
Where can I have more details on this error ?
I am wondering if the problem is with:
Sylvain
Hello,
Do you have some logs into /var/log/centreon/login.log and/or /var/log/centreon/centreon-web.log ?
Hi Jérémy,
I have activated the authentication debug and I have found this error message in centreon-web.log:d2023-11-21T11:56:13-0500] 0ERROR] RCore\Security\Authentication\Application\UseCase\Login\Login:168]: An error occurred during authentication {"trace":"Core\\Security\\Authentication\\Infrastructure\\Provider\\Exception\\SAML\\ProcessAuthenticationResponseException: Invalid metadata, the validation failed in /usr/share/centreon/src/Core/Security/Authentication/Infrastructure/Provider/Exception/SAML/ProcessAuthenticationResponseException.php:30\nStack trace:\n#0 /usr/share/centreon/src/Core/Security/Authentication/Infrastructure/Provider/SAML.php(124): Core\\Security\\Authentication\\Infrastructure\\Provider\\Exception\\SAML\\ProcessAuthenticationResponseException::create()\n#1 /usr/share/centreon/src/Core/Security/Authentication/Application/UseCase/Login/Login.php(99): Core\\Security\\Authentication\\Infrastructure\\Provider\\SAML->authenticateOrFail()\n#2 /usr/share/centreon/src/Core/Security/Authentication/Infrastructure/Api/Login/SAML/CallbackController.php(56): Core\\Security\\Authentication\\Application\\UseCase\\Login\\Login->__invoke()\n#3 /usr/share/centreon/vendor/symfony/http-kernel/HttpKernel.php(163): Core\\Security\\Authentication\\Infrastructure\\Api\\Login\\SAML\\CallbackController->__invoke()\n#4 /usr/share/centreon/vendor/symfony/http-kernel/HttpKernel.php(75): Symfony\\Component\\HttpKernel\\HttpKernel->handleRaw()\n#5 /usr/share/centreon/vendor/symfony/http-kernel/Kernel.php(202): Symfony\\Component\\HttpKernel\\HttpKernel->handle()\n#6 /usr/share/centreon/api/index.php(47): Symfony\\Component\\HttpKernel\\Kernel->handle()\n#7 {main}"}
in login.log :
2023-11-21 11:56:13|-1|0|0||saml] aINFO] authenticate the user through SAML S]
Hi,
I am wondering if I need to change something in /etc/httpd/conf.d/10-centreon.conf (as it as to be done for web sso) ...
The URL below are not responding well and I am not sure if it is normal.
https://*.*.com/centreon/api/latest/saml/acs
https://*.*.com/centreon/api/latest/saml/sls
I can compare to another app also configured with Azure Entra as an IdP and the ACS URL is responding well.
I am referring to this doc Configuring connection via SAML | Centreon Documentation
Sylvain
Hello
I have exactly the same issue. Have you found the solution?
Thanks
Bonjour Arthur,
Unfortunately no solution found so far..
Sylvain
Bonjour à tous,
Same, same on my setup.
Very annoying to secure our centreon
Any help from centreon team, please
Merci d’avance
Hi
Hello
For me centreon 23.10.10, Azure Entra ID has no version with the SaaS.
Thanks
hello do you have update please ?, me too i have same error
thank you in advance
and we need passwordless
[2024-05-31T17:24:37+0200] [error] [Core\Security\Authentication\Application\UseCase\Login\Login:166]: An error occurred during authentication {"trace":"Core\\Security\\Authentication\\Infrastructure\\Provider\\Exception\\SAML\\ProcessAuthenticationResponseException: Invalid metadata, the validation failed in /usr/share/centreon/src/Core/Security/Authentication/Infrastructure/Provider/Exception/SAML/ProcessAuthenticationResponseException.php:30\nStack trace:\n#0 /usr/share/centreon/src/Core/Security/Authentication/Infrastructure/Provider/SAML.php(124): Core\\Security\\Authentication\\Infrastructure\\Provider\\Exception\\SAML\\ProcessAuthenticationResponseException::create()\n#1 /usr/share/centreon/src/Core/Security/Authentication/Application/UseCase/Login/Login.php(97): Core\\Security\\Authentication\\Infrastructure\\Provider\\SAML->authenticateOrFail()\n#2 /usr/share/centreon/src/Core/Security/Authentication/Infrastructure/Api/Login/SAML/CallbackController.php(56): Core\\Security\\Authentication\\Application\\UseCase\\Login\\Login->__invoke()\n#3 /usr/share/centreon/vendor/symfony/http-kernel/HttpKernel.php(181): Core\\Security\\Authentication\\Infrastructure\\Api\\Login\\SAML\\CallbackController->__invoke()\n#4 /usr/share/centreon/vendor/symfony/http-kernel/HttpKernel.php(76): Symfony\\Component\\HttpKernel\\HttpKernel->handleRaw()\n#5 /usr/share/centreon/vendor/symfony/http-kernel/Kernel.php(197): Symfony\\Component\\HttpKernel\\HttpKernel->handle()\n#6 /usr/share/centreon/api/index.php(47): Symfony\\Component\\HttpKernel\\Kernel->handle()\n#7 {main}"}
i have this result
l'application SAML a demandé aux utilisateurs de s'authentifier avec « Mot de passe, ProtectedTransport ». Il est spécifié RequestedAuthnContext qui est une valeur dans la requête SAML envoyée depuis l'application SAML vers Azure AD. Comme la méthode d'authentification ne correspond pas, Azure AD génère une erreur avant d'envoyer la réponse SAML.
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
