Ubuntu
lasso package

Overview
Code
Bugs
Blueprints
Translations
Answers

Bug #1897117
Comment #0

Comment 0 for bug 1897117

Revision history for this message

Ionut-Madalin Balutoiu (ionutbalutoiu) wrote on 2020-09-24: liblasso3 on Bionic fails to process the ECP authn response

The liblasso3 package (dependency of libapache2-mod-auth-mellon) fails when processing a ECP authn response.

Error message given by the Apache2 Mellon auth module:
[auth_mellon:error] Error processing ECP authn response. Lasso error: [101] Signature element not found.

This issue can be reproduced into an OpenStack environment with Keystone to Keystone federation, using Apache2 Mellon module for the SP (service provider).

I managed to reproduce this on:
* Ubuntu 18.04 (Bionic) with liblasso3 2.5.1-0ubuntu1.1
* Ubuntu 20.04 (Focal) with liblasso3 2.6.0-7ubuntu1

This was fixed in the upstream Lasso project (https://dev.entrouvert.org/issues/26828), and it is shipped with versions 2.6.1 or newer.

I tested liblasso3 2.6.1 on both Bionic and Focal and it fixes the problem.

Ubuntulasso package

Comment 0 for bug 1897117

Ubuntu
lasso package