Not configured to automatically link accounts

Created on 25 May 2021, over 3 years ago
Updated 27 February 2023, almost 2 years ago

Problem/Motivation

When a user tries to login with SAML, he is redirected to front page, but logged out.

Steps to reproduce

* Install a Drupal core 8.9.15
* Install samlauth 3.2
* Install simplesamlphp_auth 3.2
* Try logging in with SAML

**Replaces sensitive information with XXX.**
Error log:
May 24 18:13:14 samlauth|No matching local users found for unique SAML ID XXX. request_id="XXX"
May 24 18:13:14 samlauth|Denying login: SAML login for unique ID XXX matches existing Drupal account name XXX and we are not configured to automatically link accounts. request_id="XXX"
May 24 18:13:14 samlauth|A local user account with your login name already exists, and we are disallowed from linking it. request_id="XXX"

Proposed resolution

πŸ’¬ Support request
Status

Active

Version

3.2

Component

Code

Created by

πŸ‡§πŸ‡·Brazil peduardo

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • πŸ‡ΊπŸ‡ΈUnited States minkahb

    My IdP is sending the email address as a unique ID attribute.

    When I go to admin/config/people/saml/authmap to map this, I enter in the email address and am able to find a user to map to.

    When select "Apply", I see the message "Not configured to automatically link accounts", and when I exit admin/config/people/saml/authmap and sign back in, I see the values I entered where not saved.

    My configuration is:

    OS: CentOS 7
    Drupal version : 9.5.3
    samlauth version: version: '8.x-3.8'
    PHP Version: 8.2.1
    NGINX Version: nginx/1.22.1

    I enabled all the debugging options at admin/config/people/saml, but I am unsure if any of this is being logged. I checked these locations and didn't find anything:

    /var/log/messages
    /var/log/nginx/access.log
    /var/log/nginx/error.log
    /var/log/php-fpm/error.log

    I also checked /admin/reports/dblog, and don't see anything being logged here.

  • πŸ‡ΊπŸ‡ΈUnited States minkahb

    Update:

    I am now able to see samlauth messages at /admin/reports/dblog.

    The only message type I see is a debug message, and what's concerning is that when the SAML request is being sent, the User is Anonymous (not verified).

    So I am going to follow that path of troubleshooting and this particular issue I raised can be closed.

Production build 0.71.5 2024