SOGo | BTS

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0002958SOGoPackaging (RedHat)public2014-10-17 11:342014-10-17 11:34
Reportersteve 
Assigned To 
PrioritynormalSeverityminorReproducibilityalways
StatusnewResolutionopen 
Platform[Server] LinuxOSRHEL/CentOSOS Version6
Product Version2.2.9a 
Target VersionFixed in Version 
Summary0002958: full SAML Webmail support with Inverse liblasso passing credentials to IMAP
DescriptionSOGo currently provides support for SAML for the WebUI. There is an issue passing the user credentials through to the IMAP server. This is supposed to be handled by either PAM or SASL, however, the Inverse version of liblasso does not expose the appropriate variables in order to this to function properly. The errors are:

with SASL: unable to dlopen /usr/lib/sasl2/libsaml.so.0: /usr/lib/sasl2/libsaml.so.0: undefined symbol: lasso_provider_verify_saml_signature

with PAM: unable to dlopen(/lib/security/pam_saml.so): /lib/security/pam_saml.so: undefined symbol: lasso_misc_text_node_get_type

It would be nice if the liblasso packages could be adjusted such to expose these variables and make SAML work for the entire transaction.
Additional InformationAnother organization has provided a patch to support SASL (which I have been unable to get to work) at:

http://wiki.auf.org/wikiteki/Projet/SOGo/TestsSAML?action=AttachFile&do=view&target=lasso-export.diff [^]

I have not tested, but I would assume that this issue extends to Debian architecture too.
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]

-  Notes
There are no notes attached to this issue.

- Issue History
Date Modified Username Field Change
2014-10-17 11:34 steve New Issue


Copyright © 2000 - 2019 MantisBT Team
Powered by Mantis Bugtracker