Support » Plugin: SAML 2.0 Single Sign-On » Simplesamlphp Error

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author ktbartholomew


    I can’t say definitively what’s going wrong with just that error message. Depending on your sign-on flow, it could be a number of different things.

    Assuming you’re doing an SP-initiated login, (WordPress-first) the most likely culprits are that you have not uploaded or generated a signing certificate, or that the signing certificate that ADFS has does not match the one at your SP.

    If you’ll upload or link to the XML of your SAML communications, we should be able to see what’s going wrong.

    To be honest I am not sure what happened, however I was able to fix the issue by uninstalling the plugin, and deleting all of the file, then reinstalling and setting everything back up again. After uploading the certificate files again it worked ok. I do have another issue and I am uncertain if I should post another top, or place it here though. Now it seems to be logging me in, and then I get the following: “The website administrator has not given you permission to log in”. I have created all of the groups WP-Administrator, WP-Editor, WP-Author, WP-Contrib, WP-Subscriber. Created and assigned the same security group in AD and assigned the user that is logging in to the WP-Administrator group. Thoughts?

    Plugin Author ktbartholomew


    Again, it’s hard to say for sure without seeing the XML that the IdP is passing to WordPress. That error message should only appear if the user has none of the predefined groups, AND you have unchecked the box to allow unlisted users. Otherwise, at a minimum, users should be given the role of subscriber by default. I would check to be sure that the ADFS group claim is being mapped correctly to the attribute that the plugin expects.

    I fixed it. It was not passing in the AD groups as a claim. Working well now…

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Simplesamlphp Error’ is closed to new replies.