You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Configure user_saml with 'Use Environment variable'
Configure an attribute mapping for mail and groups
Log into your instance. If you have multiple groups and/or mail addresses, you can see in your personal information that they are not split into multiple values but treated as single values. This may even cause a crash if you are in many groups, because the database column is limited to 64 chars.
Expected behaviour
Multi-value attributes (delimited by semicolons) should be split. It works if not using the environment mechanism but connecting directly to an idp, but I want to integrate nextcloud into a federation, which requires the use of apache/mod_shib/shibd and environment variables.
Actual behaviour
Multi-value attributes are not split but treated as a single value, causing various problems.
I tracked that down to the behaviour of the getAttribute* functions in apps/user_saml/lib/UserBackend.php and I may be able to develop a workaround or clean fix, but of course this problem should be fixed in the official sources.
This bug makes the integration of Nextcloud into a Shibboleth-based federation impossible in many situations.
Steps to reproduce
Expected behaviour
Multi-value attributes (delimited by semicolons) should be split. It works if not using the environment mechanism but connecting directly to an idp, but I want to integrate nextcloud into a federation, which requires the use of apache/mod_shib/shibd and environment variables.
Actual behaviour
Multi-value attributes are not split but treated as a single value, causing various problems.
I tracked that down to the behaviour of the getAttribute* functions in apps/user_saml/lib/UserBackend.php and I may be able to develop a workaround or clean fix, but of course this problem should be fixed in the official sources.
This bug makes the integration of Nextcloud into a Shibboleth-based federation impossible in many situations.
Server configuration
Operating system:
Ubuntu 22.04
Web server:
Apache 2.4.52
Database:
Postgresql 14
PHP version:
8.1
Nextcloud version: (see Nextcloud admin page)
25.0.3
Where did you install Nextcloud from:
?
List of activated apps:
Nextcloud configuration:
{
"system": {
"debug": true,
"instanceid": "REMOVED SENSITIVE VALUE",
"passwordsalt": "REMOVED SENSITIVE VALUE",
"secret": "REMOVED SENSITIVE VALUE",
"trusted_domains": [
"nc.uni-bremen.de",
"nextcloud.zfn.uni-bremen.de",
"nextcloud.uni-bremen.de",
"nextcloud.vm.uni-bremen.de"
],
"datadirectory": "REMOVED SENSITIVE VALUE",
"dbtype": "pgsql",
"version": "25.0.3.2",
"overwrite.cli.url": "https://nc.uni-bremen.de",
"dbname": "REMOVED SENSITIVE VALUE",
"dbhost": "REMOVED SENSITIVE VALUE",
"dbport": "",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "REMOVED SENSITIVE VALUE",
"dbpassword": "REMOVED SENSITIVE VALUE",
"installed": true,
"memcache.local": "\OC\Memcache\APCu",
"default_phone_region": "DE",
"filelocking.enabled": true,
"memcache.locking": "\OC\Memcache\Redis",
"memcache.distributed": "\OC\Memcache\Redis",
"redis": {
"host": "REMOVED SENSITIVE VALUE",
"port": 6379,
"timeout": 0,
"password": "REMOVED SENSITIVE VALUE"
},
"mail_smtpmode": "smtp",
"mail_smtpsecure": "tls",
"mail_sendmailmode": "smtp",
"mail_from_address": "REMOVED SENSITIVE VALUE",
"mail_domain": "REMOVED SENSITIVE VALUE",
"mail_smtphost": "REMOVED SENSITIVE VALUE",
"default_language": "de",
"default_locale": "de_DE",
"lookup_server": "",
"allow_user_to_change_display_name": false,
"enable_previews": true,
"maintenance": false,
"theme": "",
"loglevel": 1,
"trashbin_retention_obligation": "auto,30",
"bulkupload.enabled": false,
"app_install_overwrite": [
"issuetemplate"
]
}
}
Client configuration
Browser:
Firefox, Chrome, Chromium, ...
Operating system:
Ubuntu
The text was updated successfully, but these errors were encountered: