LoginShibbolethUser::getSiteId expects all the URLs tested against to start with http://. It won't work with https:// websites.

Possible fixes

• Remove the protocol from $domain and use a LIKE operator:

  $domain = '%://' . $parsedDomain['path'];
  $siteId = Db::fetchOne('SELECT idsite FROM ' . Common::prefixTable('site') . ' WHERE main_url LIKE ?',
    array($domain));
  

• Use an OR condition to check both https and http protocol at the same time
• Use a REGEXP operator
• Don't change the code, but document this behaviour

@pouyana I'd be happy to submit a MR based on the solution that suits you best.

Hi,

if i activate the plugin, the piwik webinterface only shows a blank page and i get the following php error:

PHP Fatal error: Cannot declare class Piwik\\Plugins\\LoginShibboleth\\Menu, because the name is already in use in /var/www/piwik/plugins/ShibbolethLogin/Menu.php on line 0, referer: http://webdev/index.php?module=CorePluginsAdmin&action=plugins&idSite=1&period=day&date=yesterday&activated=&mode=admin&sort=

I tested piwik 2.16.0 on debian jessie with php 5.6 and piwik 2.16.5 on ubuntu xenial with php 7.0 - same error on both systems.

The plugin was installed via Piwik Marketplace and i added the LoginShibboleth section to the config.ini.php.

Any ideas what i did wrong? Please let me know if you need some further information.

Hi,

after installing version 1.1.10 i got the following error:
Call to undefined method Piwik\\Plugins\\LoginShibboleth\\LoginShibbolethAuth::getHashTokenAuth()

I tested piwik 2.16.0 on debian jessie with php 5.6 and piwik 2.16.5 on ubuntu xenial with php 7.0 - same error on both systems.

This time i installed the plugin via zip-Upload and via Marketplace...same result with both scenarios.

Hi,

I use your Plugin whith shibboleth only, so all informations and permissions are obtained via the header parameters if a user visits piwik. This works fine after some configuration. But if I try to use the API with a auth_token via a script the authentication fails, because the authenticateWithToken() method in LoginShibbolethAuth.php returns an AuthResult::FAILURE.

Therefore I think this line
$user = $piwikUserModel->getUser($login);
should be treplaced with this line (as used in the Auth.php form the basic Login plugin)
$user = $piwikUserModel->getUserByTokenAuth($token);
In my case this works, is this the right way to do it?

Thanks, Simon

Hi,

there are some LDAP settings that are mandatory, even if LDAP is disabled.

I configured the plugin via config.ini.php and disabled LDAP with ldap_active = 0 Nevertheless, i get the following error message: Can not connect to the LDAP server.
If i configure an existing LDAP-Server everything is fine...

Furthermore i had to set shibboleth_view_groups_option and shibboleth_admin_groups_ldap_dn, although i set shibboleth_groups_manual_active = 1. Just as I understand the documentation in the wiki, it should only be neccessary to set shibboleth_groups_manual and shibboleth_superuser_groups. Or have I misunderstood that?