How do I fix error with using SAML in Hue application

0
votes

I got a problem for using saml function in hue application.

I did every thing what I need to do in following this : https://docs.gethue.com/latest/administrator/configuration/server/#saml

env

os : ubuntu hue : 4.5.0

step 1. install below

git gcc python-dev swig openssl xmlsec1 libxmlsec1-openssl

step 2. copy metadata from Idp to local

step 3. make a private key and certification with openssl

step 4. set configuration ini file

[[auth]] 
backend=libsaml.backend.SAML2Backend 
[libsaml]
xmlsec_binary=/usr/bin/xmlsec1
metadata_file=/opt/cloudera/security/saml/idp-openam-metadata.xml
key_file=/opt/cloudera/security/saml/host.key
cert_file=/opt/cloudera/security/saml/host.pem username_source=nameid
entity_id=https://myhuedomainname.com/saml2/metadata

step 5. get hue metadata and register it at Idp

I got my hue metadata at : https://myhuedomainname.com/saml2/metadata and I registered it at Idp that our company use.

I think I did everything right.

but when I access to https://myhuedomainname.com, my browser is redirected to :https://myhuedomainname.com/saml2/login/?next=/ then I got error that I cannot solved

it is empty screen that is redirected to same url again and again.

enter image description here

in browser console, I got this error

i18n.js:17 Uncaught ReferenceError: HUE_I18n is not defined at I18n (i18n.js:17) at Module../desktop/core/src/desktop/js/jquery/plugins/jquery.filechooser.js (hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:47211) at webpack_require (hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:104) at Module../desktop/core/src/desktop/js/jquery/jquery.common.js (hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:46742) at webpack_require (hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:104) at Module../desktop/core/src/desktop/js/hue.js (hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:46485) at webpack_require (hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:104) at Object.0 (hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:104841) at webpack_require (hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:104) at checkDeferredModules (hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:65)

I18n @ i18n.js:17 ./desktop/core/src/desktop/js/jquery/plugins/jquery.filechooser.js @ hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:47211 webpack_require @ hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:104 ./desktop/core/src/desktop/js/jquery/jquery.common.js @ hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:46742 webpack_require @ hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:104 ./desktop/core/src/desktop/js/hue.js @ hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:46485 webpack_require @ hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:104 0 @ hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:104841 webpack_require @ hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:104 checkDeferredModules @ hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:65 (anonymous) @ hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:241 (anonymous) @ hue-bundle-facb48d1fb2c72ee1343.js:sourcemap:244

bootstrap-tooltip.js:326 Uncaught TypeError: Cannot read property 'fn' of undefined at bootstrap-tooltip.js:326 at bootstrap-tooltip.js:361 (anonymous) @ bootstrap-tooltip.js:326 (anonymous) @ bootstrap-tooltip.js:361

bootstrap-typeahead-touchscreen.js:317 Uncaught TypeError: Cannot read property 'fn' of undefined at bootstrap-typeahead-touchscreen.js:317 at bootstrap-typeahead-touchscreen.js:358 (anonymous) @ bootstrap-typeahead-touchscreen.js:317 (anonymous) @ bootstrap-typeahead-touchscreen.js:358

bootstrap-better-typeahead.min.js:12 Uncaught TypeError: Cannot read property 'extend' of undefined at bootstrap-better-typeahead.min.js:12 at bootstrap-better-typeahead.min.js:12 (anonymous) @ bootstrap-better-typeahead.min.js:12 (anonymous) @ bootstrap-better-typeahead.min.js:12

popover-extra-placements.js:113 Uncaught ReferenceError: jQuery is not defined at popover-extra-placements.js:113 (anonymous) @ popover-extra-placements.js:113

?next=/:123 Uncaught ReferenceError: Dropzone is not defined at ?next=/:123 (anonymous) @ ?next=/:123

below is the logs of hue

[23/Sep/2019 21:50:34 +0000] middleware INFO Redirecting to login page: / [23/Sep/2019 21:50:34 +0000] access INFO
210.94.41.89, 34.96.109.171 -anon- - "GET / HTTP/1.1" (mem: 158mb)-- login redirection [23/Sep/2019 21:50:34 +0000] access INFO
210.94.41.89, 34.96.109.171 -anon- - "GET / HTTP/1.1" returned in 1ms (mem: 158mb) [23/Sep/2019 21:50:34] "GET / HTTP/1.1" 302 0 [23/Sep/2019 21:50:34] "GET /static/desktop/js/bundles/hue/hue-bundle-facb48d1fb2c72ee1343.js.map HTTP/1.1" 200 7139914 [23/Sep/2019 21:50:35 +0000] access DEBUG 210.94.41.89, 34.96.109.171 -anon- - "GET /saml2/login/ HTTP/1.1" (mem: 158mb) [23/Sep/2019 21:50:35 +0000] mdstore DEBUG
service => {'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST': [{'binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST', 'class': 'urn:oasis:names:tc:SAML:2.0:metadata&SingleSignOnService', 'location': 'https://sts.secsso.net/adfs/ls/'}], 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect': [{'binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'class': 'urn:oasis:names:tc:SAML:2.0:metadata&SingleSignOnService', 'location': 'https://sts.secsso.net/adfs/ls/'}]} [23/Sep/2019 21:50:35 +0000] mdstore DEBUG service => {'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST': [{'binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST', 'class': 'urn:oasis:names:tc:SAML:2.0:metadata&SingleSignOnService', 'location': 'https://sts.secsso.net/adfs/ls/'}], 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect': [{'binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'class': 'urn:oasis:names:tc:SAML:2.0:metadata&SingleSignOnService', 'location': 'https://sts.secsso.net/adfs/ls/'}]} [23/Sep/2019 21:50:35 +0000] mdstore DEBUG service(http://sts.secsso.net/adfs/services/trust, idpsso_descriptor, single_sign_on_service, None) [23/Sep/2019 21:50:35 +0000] mdstore
DEBUG service => {'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST': [{'binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST', 'class': 'urn:oasis:names:tc:SAML:2.0:metadata&SingleSignOnService', 'location': 'https://sts.secsso.net/adfs/ls/'}], 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect': [{'binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'class': 'urn:oasis:names:tc:SAML:2.0:metadata&SingleSignOnService', 'location': 'https://sts.secsso.net/adfs/ls/'}]} [23/Sep/2019 21:50:35 +0000] mdstore DEBUG service(http://sts.secsso.net/adfs/services/trust, idpsso_descriptor, single_sign_on_service, urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect) [23/Sep/2019 21:50:35 +0000] mdstore DEBUG service => [{'binding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', 'class': 'urn:oasis:names:tc:SAML:2.0:metadata&SingleSignOnService', 'location': 'https://sts.secsso.net/adfs/ls/'}] [23/Sep/2019 21:50:35 +0000] client INFO destination to provider: https://sts.secsso.net/adfs/ls/ [23/Sep/2019 21:50:35 +0000] entity
INFO REQUEST: https://sbc-hue.mgmt.dev.com/saml2/metadata/ [23/Sep/2019 21:50:35 +0000] client INFO AuthNReq: https://sbc-hue.mgmt.dev.com/saml2/metadata/ [23/Sep/2019 21:50:35 +0000] entity INFO HTTP REDIRECT [23/Sep/2019 21:50:35 +0000] views WARNING User is using Hue 3 UI [23/Sep/2019 21:50:35 +0000] decorators INFO
AXES: Calling decorated function: dt_login [23/Sep/2019 21:50:35 +0000] decorators INFO args: (True,) [23/Sep/2019 21:50:35 +0000] access INFO 210.94.41.89, 34.96.109.171 -anon- - "GET /saml2/login/ HTTP/1.1" returned in 250ms (mem: 158mb)

I tried it with hue 4.0.0 version but it works

1
samlclouderahue

1 Answers

0
votes

I resolved it with setting 'redirect_whitelist'. I just though it is not mandatory. but it is