我的settings.py就像
import os
BASEDIR = os.path.dirname(os.path.abspath(__file__))
SAML_CONFIG = {
"strict": True,
"debug": True ,
"service" :{
"sp": {
'name': 'XXX',
'allow_unsolicited': True,
'want_assertions_signed': True, # assertion signing (default=True)
'want_response_signed': True,
"want_assertions_or_response_signed": True, # is response signing required
'name_id_format': "urn:oasis:names:tc:SAML:1.1:nameid-format:basic",
"entityId": "https://localhost:8002/metadata/",
"assertionConsumerService": {
"url": "https://localhost:8002/?acs",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
},
"singleLogoutService": {
"url": "https://localhost:8002/?sls",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
},
"NameIDFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"x509cert": "",
"privateKey": ""
},
"idp": {
# "entityId": "https://dev-92033760.okta.com/app/exv13qURtCj35d7/sso/saml/metadata",
"entityId": "http://www.okta.com/3qURtCj35d7",
"singleSignOnService": {
"url": "https://dev-9203760.okta.com/app/dev-92033760_saml4july_1/exRtCj35d7/sso/saml",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
},
"singleLogoutService": {
"url": "https://dev-9233760.okta.com/app/dev-92033760_saml4july_1/exka35d7/sso/saml",
"binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
},
},
},
'metadata': {
'local': [os.path.join(BASEDIR, 'remote_metadata.xml')],
}
}字符串
但从okta成功重定向后,正在下方
身份验证错误。拒绝访问。
and on logs getting
Traceback(最近的呼叫最后一次):File“/home/zec/label-studio-project/djangosaml2/djangosaml2_venv/lib/python3.8/site-packages/djangosaml2/views.py“,line 469,in post response = client.parse_authn_request_response(File“/home/zec/label-studio-project/djangosaml2/djangosaml2_venv/lib/python3.8/site-packages/saml2/client_base.py”,line 773,in parse_authn_request_response raise SAMLError(“Missing entity_id specification”)saml2.SAMLError:缺少entity_id规范禁止:/saml2/acs/
1条答案
按热度按时间wydwbb8l1#
根据文档,您的实体ID,通常是您的子域加上元数据视图的URL。
尝试更改:
字符串
收件人:
型