View Issue Details

IDProjectCategoryView StatusLast Update
0002958SOGoPackaging (RedHat)public2014-10-17 11:34
Reportersteve Assigned To 
PrioritynormalSeverityminorReproducibilityalways
Status newResolutionopen 
Platform[Server] LinuxOSRHEL/CentOSOS Version6
Product Version2.2.9a 
Target VersionFixed in Version 
Summary0002958: full SAML Webmail support with Inverse liblasso passing credentials to IMAP
DescriptionSOGo currently provides support for SAML for the WebUI. There is an issue passing the user credentials through to the IMAP server. This is supposed to be handled by either PAM or SASL, however, the Inverse version of liblasso does not expose the appropriate variables in order to this to function properly. The errors are:

with SASL: unable to dlopen /usr/lib/sasl2/libsaml.so.0: /usr/lib/sasl2/libsaml.so.0: undefined symbol: lasso_provider_verify_saml_signature

with PAM: unable to dlopen(/lib/security/pam_saml.so): /lib/security/pam_saml.so: undefined symbol: lasso_misc_text_node_get_type

It would be nice if the liblasso packages could be adjusted such to expose these variables and make SAML work for the entire transaction.
Additional InformationAnother organization has provided a patch to support SASL (which I have been unable to get to work) at:

http://wiki.auf.org/wikiteki/Projet/SOGo/TestsSAML?action=AttachFile&do=view&target=lasso-export.diff

I have not tested, but I would assume that this issue extends to Debian architecture too.
TagsNo tags attached.

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2014-10-17 11:34 steve New Issue