Hello, The profile.c if from the lasso module -> https://github.com/adieu/lasso/blob/master/lasso/saml-2.0/profile.c
We need to find which lasso function in SOGoSAML2Session.m (I assume, it may be another file) is called and make that error, then check the arguments given. Quentin -----Original Message----- From: users-requ...@sogo.nu <users-requ...@sogo.nu> On Behalf Of Claas Hilbrecht Sent: mardi 27 juin 2023 20:55 To: users@sogo.nu Subject: Re: [SOGo] SAML login not working / Keycloak 21.1.1 / Debian bookworm Hi, I recompiled the sogo 5.8.4 package from Debian sid and added some NSLog outputs. So I can confirm that the SAML response is really ok and the content is fine. But it seems something in my setup is wrong. SOGo writes the current session to the sogo_sessions_folder. This works fine, the content in stored in the mysql db. But after storing the session two errors get logged: --- (process:20775): Lasso-CRITICAL **: 20:45:24.648: 2023-06-27 20:45:24 (profile.c/:913) Trying to unref a non GObject pointer file=profile.c:913 pointerbybname=profile->identity pointer=0x55c2ab612ec0 (process:20775): Lasso-CRITICAL **: 20:45:24.648: 2023-06-27 20:45:24 (profile.c/:916) Trying to unref a non GObject pointer file=profile.c:916 pointerbybname=profile->session pointer=0x55c2ab547c90 --- I can't find the profile.c source code for now but I assumed sogo tried to read from the table sogo_user_profile the users profile. But even after creating this entry INSERT INTO `sogo_user_profile` (`c_uid`, `c_defaults`, `c_settings`) VALUES ('claas.hilbre...@example.com', '{}', '{}'); I still get the above error... So what I'm missing? --- Jun 27 18:45:24 sogod [20775]: 79.140.187.148, 172.27.11.107 "GET /SOGo//claas.hilbre...@example.com HTTP/1.1" 302 0/0 0.015 - - 0 - 13 Jun 27 18:45:24 sogod [20775]: |SOGo| starting method 'POST' on uri '/SOGo/saml2-signon-post' 2023-06-27 18:45:24.643 sogod[20775:20775] loginA: claas.hilbre...@example.com 2023-06-27 18:45:24.643 sogod[20775:20775] loginB: claas.hilbre...@example.com 2023-06-27 18:45:24.643 sogod[20775:20775] loginC: claas.hilbre...@example.com 2023-06-27 18:45:24.643 sogod[20775:20775] assertionA: <saml:Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="ID_21fcb575-9d92-4539-889e-40cf22767fd0" IssueInstant="2023-06-27T18:45:24.511Z" Version="2.0"><saml:Issuer>https://auth.example.com/realms/master</saml:Issuer><dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><dsig:Reference URI="#ID_21fcb575-9d92-4539-889e-40cf22767fd0"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><dsig:DigestValue>KNo7JjLw1k6KyvJCzBkw6firW3TO2IvMr9Z+NiIeJqE=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>aDvUyS7iFXxi9ILF6byZeh1wbmqu2928G2KNa7zWGGEK0bDTv6udgHtoVnaBJ1+s4JE7G5QCBc/0KdmK+qveGwITcTXLSaSZHZuKfF3Nd1Q8HbA/m7YX9F0E8qFHBQkBCGvbSiR2Jttn2YXkGsxy+T455dV24Fl840KkM9ENiG4e2kHExHdM1aFMQbgBMxdJcWhBTkatnawBvSv5PpTvG8u0bU4UX7RlsdGnK+OnWCCe8tH1aKLUUaDRANuiEzroyVdBLbXEnmiYLru8QIx9ycckrx6NuIw6kNX73g07S5uQUS9fxemYs6BRNcHUHboL/aRPdq1XrgUDdBsTdDiFdQ==</dsig:SignatureValue><dsig:KeyInfo><dsig:KeyName>lW-L-g3kaWfrc5goQbcyY8W77J3-dWbKGA1joPXW19M</dsig:KeyName><dsig:X509Data><dsig:X509Certificate>MIICmzCCAYMCBgGAiWAFjDANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjIwNTAzMTAwMTUzWhcNMzIwNTAzMTAwMzMzWjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKbGwTJIDI7FURSwl83/CH15MTTVXN9ieRRcJ6Bd/tXogpNLMpqKCbMT3gdn7mF9XR+xNryKCwPIcDO2TMOE9yXxyLe4SQvj06zR+dK/v63sJk783rRO7APLFmoamQtONDc5nfqz3DpKbTCO0AqIK8Ki44TzQviEYaMzidApMI46bDl0ep5o/zCgzmNlVIZFdah4wp7c1wRw3+RVlrgJonT3dY7C+mHhLYrQ+pZsWb/6hmt1mvglf+Vh6iQrt6/I7uCMHH9LxxdRyaCCLZly6Zdei0qjlmp+VRTm+EMscct6kmeOgAXX5KCSh6n+flx7neL+MlQ0fgtGaBrnaxLzPDAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGOhSwEHfHPbBk/QmyYfIvvMekDEj6iZCx/mrLRY0QuZzimsGgTFGM4kHH3kBwRvrswiB/VFloUrAtSBK6/NLc7CGNAdZ+pazOYcD/b0FtmoeGNixQluXVPdzsLYLVVvxHC/XrHS7C9Ne2bfwal+OP5c/emuNuV6PSmqo8XZhSP3025TapoDph+07DKRZUiJbCYcKgWrW+/UbaLCi0enf7qY2q7f8ztCwMxkClNN1RxQb/Fh78CG8eIW5hypyP/FLMlcOiDMLynwoSxSuinuIT/pzS8KW5nh8CftevPh8peCrlLv6Xzux7Ys3FANnXOhUEKsgM1c+PTen87Nq3JZ6RM=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo></dsig:Signature><saml:Subject><saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">G-2594070f-2a5d-452d-8a25-97a59350d785</saml:NameID><saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml:SubjectConfirmationData InResponseTo="_B242FC97294F0C92067C5F0410D67BB8" NotOnOrAfter="2023-06-27T18:46:22.511Z" Recipient="https://sogo.example.com/SOGo/saml2-signon-post"/></saml:SubjectConfirmation></saml:Subject><saml:Conditions NotBefore="2023-06-27T18:45:22.511Z" NotOnOrAfter="2023-06-27T18:46:22.511Z"><saml:AudienceRestriction><saml:Audience>https://sogo.example.com/SOGo/saml2-metadata</saml:Audience></saml:AudienceRestriction></saml:Conditions><saml:AuthnStatement AuthnInstant="2023-06-27T18:45:24.511Z" SessionIndex="16413760-ecf9-4e38-9b82-266b51046c5c::1e9f2cf8-cfb8-4f57-a147-7eb92f5825c6" SessionNotOnOrAfter="2023-06-28T04:45:24.511Z"><saml:AuthnContext><saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef></saml:AuthnContext></saml:AuthnStatement><saml:AttributeStatement><saml:Attribute FriendlyName="email" Name="email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">claas.hilbre...@example.com</saml:AttributeValue></saml:Attribute><saml:Attribute FriendlyName="username" Name="username" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">clahil</saml:AttributeValue></saml:Attribute></saml:AttributeStatement></saml:Assertion> 2023-06-27 18:45:24.643 sogod[20775:20775] identifierA: G-2594070f-2a5d-452d-8a25-97a59350d785 2023-06-27 18:45:24.645 sogod[20775:20775] <MySQL4Channel[0x0x55c2ab607120] connection=0x0x55c2aafe91a0> SQL: BEGIN; 2023-06-27 18:45:24.646 sogod[20775:20775] <MySQL4Channel[0x0x55c2ab607120] connection=0x0x55c2aafe91a0> query has no results. 2023-06-27 18:45:24.646 sogod[20775:20775] <MySQL4Channel[0x0x55c2ab607120] connection=0x0x55c2aafe91a0> SQL: SELECT t1.c_creationdate, t1.c_id, t1.c_lastseen, t1.c_value FROM sogo_sessions_folder t1 WHERE t1.c_id='AY9zox6L6tlqhvTT'; 2023-06-27 18:45:24.646 sogod[20775:20775] <MySQL4Channel[0x0x55c2ab607120] connection=0x0x55c2aafe91a0> query has results, entering fetch-mode. 2023-06-27 18:45:24.646 sogod[20775:20775] <MySQL4Channel[0x0x55c2ab607120] connection=0x0x55c2aafe91a0> SQL: ROLLBACK; 2023-06-27 18:45:24.646 sogod[20775:20775] <MySQL4Channel[0x0x55c2ab607120] connection=0x0x55c2aafe91a0> query has no results. 2023-06-27 18:45:24.646 sogod[20775:20775] <MySQL4Channel[0x0x55c2ab0eaf30] connection=0x0x55c2aaef91c0> SQL: BEGIN; 2023-06-27 18:45:24.646 sogod[20775:20775] <MySQL4Channel[0x0x55c2ab0eaf30] connection=0x0x55c2aaef91c0> query has no results. 2023-06-27 18:45:24.646 sogod[20775:20775] <MySQL4Channel[0x0x55c2ab0eaf30] connection=0x0x55c2aaef91c0> SQL: INSERT INTO sogo_sessions_folder (c_lastseen, c_creationdate, c_value, c_id) VALUES (1687891524, 1687891524, '+6v3UAlzw1Uopz6KfBucDF/undxmEMWLRwYITYMMPL/WfB8aZiYjLw4LS+IqAGZDf4awmijbrXRySJkvBVBUMogRfMQi1DhmW1eqsfBRM/jTWF0w7UZdT4TccirJ+6vqoATWvjNiNFKxo9TXHXC6uSbom3iDukBubHvqO4gJsAis9kq+DvE/B4onJZU1GsYOC2mAclvhO0feGN/0HhNDUQ6UsQRHnbFourjAcZ2qBbwwIe3EvY8hzor/+d0530RAVgL+XQ6ztdHhJEisomlqBTQ8GkM/gyZJSjRnPP2yvTxvFOb1Qk+zQdkB6fzAoF4uZfOtZttcdyVsbflb+zPr760YiqHnybtQ57bZio73p40iyda/Q6elpkiyFwMQm7uBvhErfUc92P06fKYmoBdduGsnZOVJpDxHYL/ooSxxeD+oexo4gnXlMMlJ5Dbgm5kiN1Gtf6VZwIlljk4xyUu6lmzaYG0b22A1Ioqjyaj6OLignMPuk1tlfIqcZ2PHg2We+TlYZnXhh4k2PbK2jrbqrc8EmUdehTqJ9IE2qSKUvfpNLCNHzk5OdUg1BQFNRw+TAKx3AX8MoPS6fZnHNUzHduzT4NCmb6gLsPeHZqWVdYWskXyUblZwGJMh0es8VvhTMa86c1ePJb+Z+eQfojmSHk35UKIApZefJzxSXTwZrr6CEtNrNc/nKXhQgfdgvq+YzHLcZZdAFnugaLm+pUoIFLmticYvgn1VpCb1k2GL6kf1Uqt40R1tTyQ7TwPR1WTyHxt0yjWPX13a0cj5SU22nMkB8Q9wDuBfP1mtIssXDyHZINvo+U0U3K5/VJcm/imXHJinVfQXgpdjeKn0MACHpZv4Duk7OyCL3uaJAsk02LgDuK54eghp3StIE5zQGGAxr4k1zIYsLIuUiL+jGPUi2A2S4x2ZN1htAxWemOgN2N0fVp0QjhMt3Gv/YJcMYdOplNjOtkvMbayBhMsftehJ+/3lq9IGXIr8/qjvZ wWy9WXuvgzzOAnmXOdlLXn8wb8c HVVi6fVWp0X4+PQRxypEtpd2h9qzMX2ulwrugE0WOm67zsPnibH/mrrg7KV+G+WkGIGZlbXVWbXHre2+VeQ0YYZcStgKFK8oO6hgsHxjBm858ppgsxHegBXCg9vFIqku/0AF/+hScH/+s0mMLYs5oJK64t+aknIRUYYT/W1luKTKskuEYpp5ida1yKqshi96YCKn/DiYxaDZN0DaHVYlapzRxgsp6P1v4wSkEyS6bpquOw3vRKiKrDCbUurIQiD04PQY1M15SjfqjF14dKC6ejt0EJ/DF/zP8LzWIxi8vmS9tfQlnhONoVjBtyltYsOjDHsPr+WVhSpcgTnzRJaJIpJsUy4Nc4nBTYuEvh1v7okug+QyNmRMalDI0p98PwDbxjzoBX0A6mEBRuyhMeLR5qmXD5blXrvSgPEeRQPw1uJwhkaOej8gi3qek1g8IajgeCWbWw4eSQrT4ZW07AVOkh1q8sYpMRr+IyFUev5lDfnlsatPATOP30ISST8sGrWS8drpMd0xKmxg9iqaj4Ux3L6/QcSU2ZX6ogZ/9ggQhwofmM4ed2AZHgzq8A79rnZ4fXr8MGRCRx8N1W4p0eIhptc3r3oL/yp1UzVZe46NTJBLerRn2m40kfy+cTlL3kL9sJyebuv62MF22ycExyEYVQA/SOePpvhxdYFhEgKBAJ6Wl2nWi0ZZou0XAQgXtxHHOCTAUw1jCvfDoyZrqZLfTzpqtBOShAnNRkErXfPgKszn/qQBgow0CyO7gtQO8PKHMMdns5jJq/Q0xBo5CtLYTlfT77jHRGcJxUjFjE7rbRrkv6c4thYWPZpbyu9BohRQj1VBh++gyR4K/z2GD9m1eiitevSnyfVfTrqX9FyYN4GBKcOsikBhWdMGFNBO6B16CFBR8ZwBbY07PG1aKWIPpFi28iOl7I1F8f2Ci0bCmHWOiyLfOD2rzUf90kjSxEm3QRZhALKiqSNxcUbgRoZbrMBaItljyU4lNdhkIT eYftskjaNLUfh2iNxOjg43PDLU iV1gDKi2CNp1bKLtFCLeJZjYBStRQ9tTL9ZpJso1CAzoKpBpjxZq', 'AY9zox6L6tlqhvTT'); 2023-06-27 18:45:24.647 sogod[20775:20775] <MySQL4Channel[0x0x55c2ab0eaf30] connection=0x0x55c2aaef91c0> query has no results. 2023-06-27 18:45:24.647 sogod[20775:20775] <MySQL4Channel[0x0x55c2ab0eaf30] connection=0x0x55c2aaef91c0> SQL: COMMIT; 2023-06-27 18:45:24.647 sogod[20775:20775] <MySQL4Channel[0x0x55c2ab0eaf30] connection=0x0x55c2aaef91c0> query has no results. Jun 27 18:45:24 sogod [20775]: |SOGo| constructed root-url: /SOGo/ Jun 27 18:45:24 sogod [20775]: |SOGo| setting root-url in context: /SOGo/ Jun 27 18:45:24 sogod [20775]: |SOGo| ROOT baseURL(no container, name=(null)): own: /SOGo/ attribute->Name: email == email (loginAttribue) textNode->content: claas.hilbre...@example.com (process:20775): Lasso-CRITICAL **: 20:45:24.648: 2023-06-27 20:45:24 (profile.c/:913) Trying to unref a non GObject pointer file=profile.c:913 pointerbybname=profile->identity pointer=0x55c2ab612ec0 (process:20775): Lasso-CRITICAL **: 20:45:24.648: 2023-06-27 20:45:24 (profile.c/:916) Trying to unref a non GObject pointer file=profile.c:916 pointerbybname=profile->session pointer=0x55c2ab547c90 Jun 27 18:45:24 sogod [20775]: |SOGo| request took 0.087479 seconds to execute Jun 27 18:45:24 sogod [20775]: 79.140.187.148, 172.27.11.107 "POST /SOGo/saml2-signon-post HTTP/1.1" 302 0/12977 0.089 - - 28K - 13 ---