View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0002958||SOGo||Packaging (RedHat)||public||2014-10-17 11:34||2014-10-17 11:34|
|Platform||[Server] Linux||OS||RHEL/CentOS||OS Version||6|
|Target Version||Fixed in Version|
|Summary||0002958: full SAML Webmail support with Inverse liblasso passing credentials to IMAP|
|Description||SOGo currently provides support for SAML for the WebUI. There is an issue passing the user credentials through to the IMAP server. This is supposed to be handled by either PAM or SASL, however, the Inverse version of liblasso does not expose the appropriate variables in order to this to function properly. The errors are:|
with SASL: unable to dlopen /usr/lib/sasl2/libsaml.so.0: /usr/lib/sasl2/libsaml.so.0: undefined symbol: lasso_provider_verify_saml_signature
with PAM: unable to dlopen(/lib/security/pam_saml.so): /lib/security/pam_saml.so: undefined symbol: lasso_misc_text_node_get_type
It would be nice if the liblasso packages could be adjusted such to expose these variables and make SAML work for the entire transaction.
|Additional Information||Another organization has provided a patch to support SASL (which I have been unable to get to work) at:|
I have not tested, but I would assume that this issue extends to Debian architecture too.
|Tags||No tags attached.|