can't sync bookmarks in chromium using canonical sso

Bug #1539755 reported by Chris J Arges
16
This bug affects 3 people
Affects Status Importance Assigned to Milestone
Canonical SSO provider
Invalid
Undecided
Unassigned

Bug Description

Since our canonical e-mail is also a google username, I was able to use
this to sync work browser bookmarks with my account. I recently re-
installed a new machine and cannot log into my account (which
authenticates via ubuntu-sso).

How to reproduce:
1) Click 'sign into chromium'
2) Enter '<email address hidden>' as username and something as password
3) You are re-directed to ubuntu-one log-in, log in and enter second
factor info
4) You'll get an oops as follows.

Oops!
Sorry, something just went wrong in Ubuntu One.
We’ve recorded what happened, and we’ll fix it as soon as possible.
Apologies for the inconvenience.

OOPS ID: OOPS-24f08dd22b6148afb34bbaab9d0bd57d

Sentry ID: 77484bb288e34068861e6a496e49a46f

Will Cooke (willcooke)
Changed in canonical-identity-provider:
status: New → Confirmed
Revision history for this message
Chad Miller (cmiller) wrote :

"None of the processors in SAML2IDP_REMOTES could handle this request."

Every SAML processor in the list raised CannotHandleAssertion in can_handle

Either the base _validate_request() raised it (no saml2idp_metadata remotes has the same acs_url (as ...?) ), or the ACS URL doesn't have ".google.com/a/" in it. Impossible to tell because exceptions are thrown away.

Revision history for this message
Daniel Manrique (roadmr) wrote :

One would need to install a SAML interception extension for the browser and intercept the SAML assertion (an XML document) to see what it's doing and why none of our remotes can handle the request.

That said, this bug is old enough and our SAML implementation has changed enough that it might not be an issue. I'll close it for now but feel free to reopen with the above-requested information if it happens again.

Changed in canonical-identity-provider:
status: Confirmed → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.