Skip to main content
2Charlie
2Charlie
Inspiring
January 19, 2016
Answered

Shibboleth authentication with LDAP

  • January 19, 2016
  • 1 reply
  • 2017 views

I'm running into "Internal Server Error" when trying to authenticate using shibboleth with LDAP. Here's the ColdFusion error.

Element MYSITESHIBBOLETH.USERNAME is undefined in SESSION. The specific sequence of files included or processed is: \\commonspotshare.mysite.com\commonspot$\TEST\test.mysite.com\authenticate.cfm, line: 32

And here's the authenicate.cfm file line 32.

    This topic has been closed for replies.
    Correct answer 2Charlie

    Okay, so how do I remove everything after the SSO in the following cgi.http_referer?

    https://logintest.mysite.com/idp/profile/SAML2/Redirect/SSO;jsessionid=BD14DA537857266CDDE34FC15368386F?execution=e1s1


    Okay, I got it to work. I need to use reReplace() to extract out the part that I need so that the cfif work and the session get set.

    <cfset cgiReferer = reReplace(#cgi.httP_REFERER#, "[\?;].+", "\1") />

    <!--- if shibboleth sent us here, remember the data it gave us--->

    <!---<cfif cgi.http_referer eq shibboleth_url>--->

    <cfif cgiReferer eq shibboleth_url>

      <cfscript>

      session.testShibboleth = StructNew();

      session.testShibboleth.username=REReplace(http_header.headers.eppn, "@test.com","","ALL");

      session.testShibboleth.mail=http_header.headers.eppn;

      session.testShibboleth.groups=ArrayToList(REMatch('WEB\.[A-Z.-]+', http_header.headers.member));

      session.testShibboleth.isAuthenticated="true";

      </cfscript>

    </cfif>

    1 reply

    EddieLotter
    EddieLotter
    Inspiring
    January 19, 2016

    Add <cfdump var="#session.mysiteShibboleth#> on line 30 and see what result you get.

    My guess is that the struct does not contain "username".

    Cheers

    Eddie

    2Charlie
    2CharlieAuthor
    Inspiring
    January 19, 2016

    There is no dump on the browser but this is the error I got in the ColdFusion error log.

    "Error","ajp-bio-8013-exec-1","01/19/16","12:47:32",,"Invalid CFML construct found on line 30 at column 44.ColdFusion was looking at the following text:<p>\""</p><p>The CFML compiler was processing:<ul><li>An expression that began on line 30, column 22.<br>The expression might be missing an ending #, for example, #expr instead of #expr#.<li>The tag attribute var, on line 30, column 17.<li>A cfdump tag beginning on line 30, column 10.<li>A cfdump tag beginning on line 30, column 10.</ul> The specific sequence of files included or processed is: \\commonspotshare.mysite.com\commonspot$\TEST\test.mysite.com\authenticate.cfm, line: 30 "

    EddieLotter
    EddieLotter
    Inspiring
    January 19, 2016

    I failed to close the var attribute's quote in my post and the Web interface is not allowing me to edit the post. Check your syntax, it should be as follows:

    <cfdump var="#session.mysiteShibboleth#">

    Cheers

    Eddie

    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices