Shibboleth ADFS integration

9.0.x
help

#1

Hello,

I'm trying to authenticate Owncloud users using ADFS and Shibboleth SP.
i have used the administration manual and this guide https://technet.microsoft.com/en-us/library/gg317734(v=ws.10).aspx to help me configure Shibboleth.

I managed to create a trust between adfs and Owncloud. When i browse to myowncloud.com/Shibboleth.sso/Login i get redirected to my ADFS. But after entering my credentials in ADFS i get redirected back to the owncloud login screen where it asks my credentials again.

My knowledge of SAML is limited and there are no obvious errors in the logs. I have idea what the problem could be.

owncloud.log doesn't show the login attempt.

shibboleth/transaction.log:

2016-07-26 13:36:09 INFO Shibboleth-TRANSACTION [6]: New session (ID: _01b5269704829a01132077690c0311f9) with (applicationId: default) for principal from (IdP: http://myadfs.nl/adfs/services/trust) at (ClientAddress: 62.133.x.x) with (NameIdentifier: don@testdomain.nl) using (Protocol: urn:oasis:names:tc:SAML:2.0:protocol) from (AssertionID: _bcbc86c4-d818-4eeb-a251-48e8ba49831a)
2016-07-26 13:36:09 INFO Shibboleth-TRANSACTION [6]: Cached the following attributes with session (ID: _01b5269704829a01132077690c0311f9) for (applicationId: default) {
2016-07-26 13:36:09 INFO Shibboleth-TRANSACTION [6]:    upn (1 values)
2016-07-26 13:36:09 INFO Shibboleth-TRANSACTION [6]:    group (2 values)
2016-07-26 13:36:09 INFO Shibboleth-TRANSACTION [6]:    eppn (1 values)
2016-07-26 13:36:09 INFO Shibboleth-TRANSACTION [6]:    affiliation (1 values)
2016-07-26 13:36:09 INFO Shibboleth-TRANSACTION [6]: }

Server configuration
Operating system: Ubuntu 14.0
Web server: Apache2.4
Database: mysql
PHP version: php5
ownCloud version (see ownCloud admin page): 9.0.3 enterprise
Updated from an older ownCloud or fresh install: Fresh install
Special configuration: LDAP for user synchronization


#2

Hi,

for enterprise support please contact your support contact of https://www.owncloud.com.

The forums here is used mostly by users of the community edition which doesn't include the Shibboleth support.