Suitecrm: 7.8.2 SAML Login Issue

Created on 13 Mar 2017 · 17 Comments · Source: salesagility/SuiteCRM

Logging in using SAML with GSuite no longer works after upgrading suitecrm from 7.8.1 to 7.8.2.

Issue

SAML worked fine with SuiteCRM 7.8.1.

After upgrading to 7.8.2 it is trying to login but I am receiving an error 400 (Error parsing the request, Encountered error parsing message into its DOM representation) from Google Suite.

The request never continues beyond that point and as far as I could see there are no related errors on log files.

Expected Behavior

SuiteCRM logs in the user using his Google Suite credentials via SAML 2.

Actual Behavior

Google Suite experienced an error 400 as stated above.

Possible Fix

N/A

Steps to Reproduce

  1. Set up Google Suite with a SugarCRM SAML App.
  2. Set up SuiteCRM to use SAML.
  3. Try to log in.

Context

The bug affected the entire domain and prevented users from logging on to their respective profiles.

Your Environment

  • SuiteCRM Version used: 7.8.2
  • Browser name and version (e.g. Chrome Version 51.0.2704.63 (64-bit)): Chrome 56.0.2924.87 (64-bit)
  • Environment name and version (e.g. MySQL, PHP 7): PHP 5.6.28 and MySQL 5.7.16
  • Operating System and version (e.g Ubuntu 16.04): Ubuntu 14.04 LTS
Important Bug

All 17 comments

Any news with regard to this bug? Does anyone know a workaround? This is completely stopping our ability to upgrade to newer versions.

I posted a solution in #3270 12 days ago. Also, @swamikevala posted an alternate solution. @gymad needs to make a PR to fix this bug.

Has there been an update to the SAML/Google integration issue? It's a complete blocker for us deploying SuiteCRM.

Thanks!

Same here, still waiting for this to be fixed in order to properly update SuiteCRM to the latest version.

@rdebattista Have you heard or learned anything about this, at all? It's really killing us right now, and we're simply investigating other solutions. Which version are you running that you're trying to upgrade from? Thanks.

@salesagility Any updates on this? Much appreciated.

I am currently using SuiteCRM 7.8.1 since it is the latest one to properly work with SAML.

Have a look at the issue I created a while ago: #3270 and which I have referred to earlier in this issue.
There you can find a fix for this issue.

Any updates on this?

And, @ebogaard, that didn't fix it for us, on either the LTS version or the cutting edge version.

Hi all,
We are using SuiteCRM version 7.8.6 and, after some fixes, SAML authentication with GSuite now works fine!
In particular, as suggested by @ebogaard in #3270, we had to update to the newest php-saml library.

We downloaded it here:
https://github.com/onelogin/php-saml/releases
(in our case we have used the version v2.11.0)

and substituted it in the following path
"

Moreover, you need to be careful with the "Entity ID" field in the Service Provider Details window (see https://support.google.com/a/answer/6087519): "ACS URL" and "Entity ID" must be the same value, with the following format.

"ACS URL" = "https:// "Entity ID" = "https://

Lastly, after activating SAML authentication, you may need to log in with the first administration user.
Try adding the parameter no_saml to the SuiteCRM URL.
https://

Sandro

This solution did not work. The error is gone, however I am simply being redirected to a new saml request and the login process starts over and over.

@rdebattista I think that the update of the php-saml library has fixed the issue described in #3270. So the problem could depend on some wrong configuration.
Could you use a SAML tracer plugin in your browser? It helped us to understand our issue with "Entity ID". If you want, you can share the trace (hiding private info, of course).
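
A way to run the check suggested above outside the browser, as an added example that is not part of the thread and is not SuiteCRM or php-saml code: it decodes a captured `SAMLRequest`, confirms it parses as XML (the step Google's error 400 complains about), and compares the Issuer with the ACS URL as the earlier comment requires. The host names, the ACS path and the sample request are constructed placeholders, and the HTTP-Redirect binding is an assumption.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlencode, urlparse

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
# Constructed sample: host and path are placeholders, not SuiteCRM's real ACS path.
SP_URL = "https://crm.example.test/acs-placeholder"
SAMPLE = (f'<samlp:AuthnRequest xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}" '
          f'ID="_constructed1" Version="2.0" AssertionConsumerServiceURL="{SP_URL}">'
          f'<saml:Issuer>{SP_URL}</saml:Issuer></samlp:AuthnRequest>')

def encode_redirect(xml_text, idp_url="https://idp.example.test/sso"):
    """Build a constructed HTTP-Redirect URL so the checks run offline."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)
    deflated = comp.compress(xml_text.encode("utf-8")) + comp.flush()
    return idp_url + "?" + urlencode({"SAMLRequest": base64.b64encode(deflated).decode()})

def decode_redirect_request(url):
    """Return the AuthnRequest XML carried in a redirect URL's SAMLRequest parameter."""
    values = parse_qs(urlparse(url).query).get("SAMLRequest")
    if not values:
        raise ValueError("no SAMLRequest parameter in URL")
    # HTTP-Redirect binding: base64 over raw DEFLATE (no zlib header), hence wbits=-15.
    return zlib.decompress(base64.b64decode(values[0]), -15).decode("utf-8")

def check_authn_request(xml_text):
    """Return a list of findings; an empty list means the request passed every check."""
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        return ["DOCTYPE/ENTITY declaration present; refusing to parse"]
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return [f"not well-formed XML, an IdP cannot build a DOM from it: {exc}"]
    findings = []
    if root.tag != f"{{{SAMLP}}}AuthnRequest":
        findings.append(f"unexpected root element {root.tag}")
    issuer = (root.findtext(f"{{{SAML}}}Issuer") or "").strip()
    acs = root.get("AssertionConsumerServiceURL", "")
    if not issuer:
        findings.append("missing Issuer (Entity ID)")
    if not acs:
        findings.append("missing AssertionConsumerServiceURL")
    if issuer and acs and issuer != acs:
        findings.append(f"Issuer {issuer!r} differs from ACS URL {acs!r}")
    return findings

if __name__ == "__main__":
    for finding in check_authn_request(decode_redirect_request(encode_redirect(SAMPLE))):
        print(finding)
```

`check_authn_request` also accepts the already-decoded XML that a SAML tracer plugin displays, so the decoding step can be skipped when the trace is available as text.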

Over the months I've watched release after release, bug fix after bug fix... Yet, this critical SAML bug that will not allow us to deploy SuiteCRM still hasn't been fixed. Can anyone help me better understand what the delay is? Is it that complex? Remember, this was previously working prior to 7.8.2. I appreciate any insight. (And, no, the mentioned fixes above don't appear to work for us and some others.)

Thanks.

None of the workarounds worked for me and honestly I do not have the time to keep attempting workarounds. The only decent fix for production would be a fixed version we can easily deploy/update.

@rdebattista - we finally just rebuilt it ourselves and overrode the default login.

These are the files you'll need to make/edit. We went with an OAuth 2.0 implementation using Google.

./custom/login.tpl (Override the login.tpl file used)
./custom/oauth_login.php (AJAX call script that handles login/registration)
./custom/application/Ext/EntryPointRegistry/entry_point_registry.ext.php (Made an entry point for it in order to access SuiteCRM code from within the AJAX call)
./custom/modules/Users/Login.php (calls the login.tpl above instead of core/theme templates, arguably not needed)

FYI Short notes on migration and SLO patch: http://ipros24.ru/suitecrm-broken-saml-authentication/.

This issue has been fixed in later versions of 7.8, 7.10 and 7.11.
You should probably close this.
