Connexion ADFS error with xibo

Hi,

I followed this documentation to implement SSO authentication via ADFS: https://xibosignage.com/docs/setup/saml-single-signon-with-active-directory-adfs

But when i try to connect on xibo, i have this error :

• Error details: MSIS3077: The AssertionConsumerServices property is not configured for relying party trust ‘https://xibo.ks.fr/saml/acs’.

Here my configuration :
/*

• Xibo - Digital Signage - http ://www.xibo.org.uk
• This file is part of Xibo - and is automatically generated by the installer
• You should not need to edit this file, unless your SQL connection details have changed.
  */

defined(‘XIBO’) or die(__(“Sorry, you are not allowed to directly access this page.”) . “
” . __(“Please press the back button in your browser.”));

global $dbhost;
global $dbuser;
global $dbpass;
global $dbname;
global $dbssl;
global $dbsslverify;

$dbhost = ‘127.0.0.1’;
$dbuser = ‘xibo’;
$dbpass = ‘blabla’;
$dbname = ‘xibo’;
$dbssl = ‘’;
$dbsslverify = ‘’;

if (!defined(‘SECRET_KEY’))
define(‘SECRET_KEY’,‘Fdfdhfghfhg3vY’);;

if (file_exists(‘/var/www/cms/custom/settings-custom.php’))
include_once(‘/var/www/cms/custom/settings-custom.php’);

$authentication = new \Xibo\Middleware\SAMLAuthentication();

$samlSettings = array (
‘workflow’ => array(
// Enable/Disable Just-In-Time provisioning
‘jit’ => true,
// Attribute to identify the user
‘field_to_identify’ => ‘UserName’, // Alternatives: UserID, UserName or email
// Default libraryQuota assigned to the created user by JIT
‘libraryQuota’ => 1000,
// Initial User Group
‘group’ => ‘Users’,
// Home Page
‘homePage’ => ‘icondashboard.view’,
// Enable/Disable Single Logout
‘slo’ => false,
// Attribute mapping between XIBO-CMS and the IdP
‘mapping’ => array (
‘UserID’ => ‘’,
‘usertypeid’ => ‘’,
‘UserName’ => ‘uid’,
‘email’ => ‘mail’,
)
),
// Settings for the PHP-SAML toolkit.
// See documentation: https ://github.com/onelogin/php-saml#settings
‘strict’ => false,
‘debug’ => true,
‘idp’ => array (
‘entityId’ => ‘https ://xibo.ks.fr/saml/acs’,
‘singleSignOnService’ => array (
‘url’ => ‘https ://identity.ks.fr/adfs/ls’,
),
‘singleLogoutService’ => array (
‘url’ => ‘http ://identity.ks.fr/simplesaml/saml2/idp/SingleLogoutService.php’,
),
‘x509cert’ => 'MIIE8DCCAtigAwIB…FNpZ25p…3JsZWFucy…0yNTA1MzExNjU4MzFaMD…mxwcxdfgfddgffuZ>
),
‘sp’ => array (
‘entityId’ => ‘https ://xibo.ks.fr/saml/acs’,
‘assertionConsumerService’ => array (
‘url’ => ‘https ://xibo.ks.fr/saml/acs’,
),
‘singleLogoutService’ => array (
‘url’ => ‘https ://xibo.ks.fr/saml/sls’,
),
‘NameIDFormat’ => ‘urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified’,
‘x509cert’ => ‘’,
‘privateKey’ > ‘’,
),
‘security’ => array (
‘nameIdEncrypted’ => false,
‘authnRequestsSigned’ => false,
‘logoutRequestSigned’ => false,
‘logoutResponseSigned’ => false,
‘signMetadata’ => false,
‘wantMessagesSigned’ => false,
‘wantAssertionsSigned’ => false,
‘wantAssertionsEncrypted’ => false,
‘wantNameIdEncrypted’ => false,
)
);

I put spaces in my url so that I can validate my post, but in reality, no space is put in the URLs!!
I also have this error in the adfs console :

Note that I disabled the firewall on the ADFS server and on the Xibo server

Thank for your help

Hi,

I was able to make some progress this morning on my problem
I added an endpoint in the adfs configuration and now I have no more ADFS error

Against side Xibo, it still blocks :

I feel like there’s still a problem with the url https://xibo.ks.fr/saml/acs
I’m trying to find logs on the xibo server, but I can’t find anything.
I found a log file in/var/www/var/log/xibo but it is no longer powered by then on June 10

Do you know where I can find them?

Thank

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.