diff options
author | Ben Bodenmiller <bbodenmiller@hotmail.com> | 2016-10-31 21:33:51 -0700 |
---|---|---|
committer | Ben Bodenmiller <bbodenmiller@hotmail.com> | 2016-10-31 21:35:34 -0700 |
commit | 66c27cf904aa2cb532d34f0cdb59e2ec72a204bf (patch) | |
tree | 5e346c4ca4ac4399fb24b8eb553a58a8f3abce18 /doc/integration/saml.md | |
parent | b328c7885532ccff70e1f9f7dc970a8dde0c52d6 (diff) | |
download | gitlab-ce-66c27cf904aa2cb532d34f0cdb59e2ec72a204bf.tar.gz |
fix how to get SAML error details
Diffstat (limited to 'doc/integration/saml.md')
-rw-r--r-- | doc/integration/saml.md | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/doc/integration/saml.md b/doc/integration/saml.md index f3b2a288776..4a242c321aa 100644 --- a/doc/integration/saml.md +++ b/doc/integration/saml.md @@ -268,13 +268,20 @@ message `Can't verify CSRF token authenticity`. This means that there is an erro the SAML request, but this error never reaches GitLab due to the CSRF check. To bypass this you can add `skip_before_action :verify_authenticity_token` to the -`omniauth_callbacks_controller.rb` file. This will allow the error to hit GitLab, -where it can then be seen in the usual logs, or as a flash message in the login -screen. - -That file is located at `/opt/gitlab/embedded/service/gitlab-rails/app/controllers` -for Omnibus installations and by default on `/home/git/gitlab/app/controllers` for -installations from source. +`omniauth_callbacks_controller.rb` file immediately after the `class` line and +comment out the `protect_from_forgery` line using a `#` then restart Unicorn. This +will allow the error to hit GitLab, where it can then be seen in the usual logs, +or as a flash message on the login screen. + +That file is located in `/opt/gitlab/embedded/service/gitlab-rails/app/controllers` +for Omnibus installations and by default in `/home/git/gitlab/app/controllers` for +installations from source. Restart Unicorn using the `sudo gitlab-ctl restart unicorn` +command on Omnibus installations and `sudo service gitlab restart` on installations +from source. + +You may also find the [SSO Tracer](https://addons.mozilla.org/en-US/firefox/addon/sso-tracer) +(Firefox) and [SAML Chrome Panel](https://chrome.google.com/webstore/detail/saml-chrome-panel/paijfdbeoenhembfhkhllainmocckace) +(Chrome) browser extensions useful in your debugging. ### Invalid audience |